Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen..

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 14.02.2011, 19:28   #1
Lastenmuli
 
Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.. - Standard

Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen..



Hallo an alle,
mein PC startete zwar, aber es kam nach dem booten nur der Wallpaper im Hintergrund. Der Desktop selbst blieb leer. Unter`m Taskmanager sah ich, dass der Explorer.exe nicht gestartet wurde..schätzungsweise hatte ich einen Trojaner, oder Malware drauf, was meine Progamme mir bestätigten (AVAST,Spybot Search and Destroy,Malwarebytes' Anti-Malware).

Nach der Anleitung von Larusso hier aus dem Board http://www.trojaner-board.de/89918-l...e-larusso.html
läuft nun mein PC wieder normal... so der Anschein.

Kann einer von euch bitte die Logfiles anschauen und mir sagen, ob da noch was im Argen liegt?
Wäre euch unendlich dankbar!!
  • Log von MBAM
Code:
ATTFilter
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5754

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

13.02.2011 20:39:52
mbam-log-2011-02-13 (20-39-52).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 173087
Laufzeit: 5 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\userinit.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Explorer (Trojan.Agent) -> Value: Explorer -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\dokumente und einstellungen\administrator\startmenü\programme\autostart\nokul.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\default user\startmenü\programme\autostart\leuwn.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\srvzmon.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
         
  • defogger_disable.log

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:45 on 13/02/2011 (User)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-
         
Weitere Logs siehe unten..

Alt 14.02.2011, 19:34   #2
Lastenmuli
 
Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.. - Standard

Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen..



Weitere Logs:

  • Gmer.txt Teil 1

Code:
ATTFilter
GMER 1.0.15.15530 - hxxp://www.gmer.net
Rootkit scan 2011-02-14 07:16:13
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-10 WDC_WD5000AADS-00S9B0 rev.01.00A01
Running: g2m3e4r.exe; Driver: C:\DOKUME~1\User\LOKALE~1\Temp\pgtdapob.sys


---- System - GMER 1.0.15 ----

SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwAllocateVirtualMemory [0xAF5B8728]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwClose [0xAF5BF7EA]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwCreateKey [0xAF5BF6A2]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwDeleteKey [0xAF5BFCA8]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwDeleteValueKey [0xAF5BFBBE]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwDuplicateObject [0xAF5BF276]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwFreeVirtualMemory [0xAF5B87D8]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwOpenKey [0xAF5BF77E]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwOpenProcess [0xAF5BF1B2]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwOpenThread [0xAF5BF218]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwProtectVirtualMemory [0xAF5B8870]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwQueryValueKey [0xAF5BF8C2]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwRenameKey [0xAF5BFD76]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwRestoreKey [0xAF5BF880]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwSetValueKey [0xAF5BFA04]

Code            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwCreateProcessEx [0xAF5CC82E]
Code            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwCreateSection [0xAF5CC652]
Code            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ZwLoadDriver [0xAF5CC78C]
Code            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                NtCreateSection
Code            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ObInsertObject
Code            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)                                                ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!ZwCallbackReturn + 23E8                                                                                                 80501C20 2 Bytes  JMP A0AF5BF7 
.text           ntkrnlpa.exe!ZwCallbackReturn + 2494                                                                                                 80501CCC 2 Bytes  [76, F2] {JBE 0xfffffffffffffff4}
PAGE            ntkrnlpa.exe!ZwLoadDriver                                                                                                            8057969A 7 Bytes  JMP AF5CC790 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE            ntkrnlpa.exe!NtCreateSection                                                                                                         805A0816 7 Bytes  JMP AF5CC656 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE            ntkrnlpa.exe!ObMakeTemporaryObject                                                                                                   805B1DB4 5 Bytes  JMP AF5C81EE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE            ntkrnlpa.exe!ObInsertObject                                                                                                          805B8C2C 5 Bytes  JMP AF5C9C88 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE            ntkrnlpa.exe!ZwCreateProcessEx                                                                                                       805C74CC 7 Bytes  JMP AF5CC832 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
init            C:\WINDOWS\system32\drivers\senfilt.sys                                                                                              entry point in "init" section [0xB8A19900]

---- User code sections - GMER 1.0.15 ----

.text           C:\WINDOWS\system32\brsvc01a.exe[328] ntdll.dll!LdrLoadDll                                                                           7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brsvc01a.exe[328] ntdll.dll!LdrUnloadDll                                                                         7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brsvc01a.exe[328] USER32.dll!SetWindowsHookExW                                                                   7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brsvc01a.exe[328] USER32.dll!UnhookWindowsHookEx                                                                 7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brsvc01a.exe[328] USER32.dll!SetWindowsHookExA                                                                   7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brsvc01a.exe[328] USER32.dll!SetWinEventHook                                                                     7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brsvc01a.exe[328] USER32.dll!UnhookWinEvent                                                                      7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!SetServiceObjectSecurity                                                          77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!ChangeServiceConfigA                                                              77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!ChangeServiceConfigA + 4                                                          77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!ChangeServiceConfigW                                                              77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!ChangeServiceConfigW + 4                                                          77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!ChangeServiceConfig2A                                                             77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!ChangeServiceConfig2W                                                             77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!CreateServiceA                                                                    77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!CreateServiceW                                                                    77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brsvc01a.exe[328] ADVAPI32.dll!DeleteService                                                                     77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brss01a.exe[356] ntdll.dll!LdrLoadDll                                                                            7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brss01a.exe[356] ntdll.dll!LdrUnloadDll                                                                          7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brss01a.exe[356] USER32.dll!SetWindowsHookExW                                                                    7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brss01a.exe[356] USER32.dll!UnhookWindowsHookEx                                                                  7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brss01a.exe[356] USER32.dll!SetWindowsHookExA                                                                    7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brss01a.exe[356] USER32.dll!SetWinEventHook                                                                      7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brss01a.exe[356] USER32.dll!UnhookWinEvent                                                                       7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!SetServiceObjectSecurity                                                           77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!ChangeServiceConfigA                                                               77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!ChangeServiceConfigA + 4                                                           77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!ChangeServiceConfigW                                                               77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!ChangeServiceConfigW + 4                                                           77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!ChangeServiceConfig2A                                                              77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!ChangeServiceConfig2W                                                              77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!CreateServiceA                                                                     77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!CreateServiceW                                                                     77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\brss01a.exe[356] ADVAPI32.dll!DeleteService                                                                      77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spoolsv.exe[364] ntdll.dll!LdrLoadDll                                                                            7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spoolsv.exe[364] ntdll.dll!LdrUnloadDll                                                                          7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!SetServiceObjectSecurity                                                           77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!ChangeServiceConfigA                                                               77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!ChangeServiceConfigA + 4                                                           77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!ChangeServiceConfigW                                                               77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!ChangeServiceConfigW + 4                                                           77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!ChangeServiceConfig2A                                                              77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!ChangeServiceConfig2W                                                              77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!CreateServiceA                                                                     77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!CreateServiceW                                                                     77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spoolsv.exe[364] ADVAPI32.dll!DeleteService                                                                      77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spoolsv.exe[364] USER32.dll!SetWindowsHookExW                                                                    7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spoolsv.exe[364] USER32.dll!UnhookWindowsHookEx                                                                  7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spoolsv.exe[364] USER32.dll!SetWindowsHookExA                                                                    7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spoolsv.exe[364] USER32.dll!SetWinEventHook                                                                      7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spoolsv.exe[364] USER32.dll!UnhookWinEvent                                                                       7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\crypserv.exe[520] ntdll.dll!LdrLoadDll                                                                           7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\crypserv.exe[520] ntdll.dll!LdrUnloadDll                                                                         7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!SetServiceObjectSecurity                                                          77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!ChangeServiceConfigA                                                              77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!ChangeServiceConfigA + 4                                                          77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!ChangeServiceConfigW                                                              77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!ChangeServiceConfigW + 4                                                          77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!ChangeServiceConfig2A                                                             77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!ChangeServiceConfig2W                                                             77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!CreateServiceA                                                                    77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!CreateServiceW                                                                    77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\crypserv.exe[520] ADVAPI32.dll!DeleteService                                                                     77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\crypserv.exe[520] USER32.dll!SetWindowsHookExW                                                                   7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\crypserv.exe[520] USER32.dll!UnhookWindowsHookEx                                                                 7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\crypserv.exe[520] USER32.dll!SetWindowsHookExA                                                                   7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\crypserv.exe[520] USER32.dll!SetWinEventHook                                                                     7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\crypserv.exe[520] USER32.dll!UnhookWinEvent                                                                      7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ntdll.dll!LdrLoadDll                                                           7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ntdll.dll!LdrUnloadDll                                                         7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] USER32.dll!SetWindowsHookExW                                                   7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] USER32.dll!UnhookWindowsHookEx                                                 7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] USER32.dll!SetWindowsHookExA                                                   7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] USER32.dll!SetWinEventHook                                                     7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] USER32.dll!UnhookWinEvent                                                      7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!SetServiceObjectSecurity                                          77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!ChangeServiceConfigA                                              77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!ChangeServiceConfigA + 4                                          77E06E6D 1 Byte  [EC]
.text           C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!ChangeServiceConfigW                                              77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!ChangeServiceConfigW + 4                                          77E07005 1 Byte  [EC]
.text           C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!ChangeServiceConfig2A                                             77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!ChangeServiceConfig2W                                             77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!CreateServiceA                                                    77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!CreateServiceW                                                    77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe[580] ADVAPI32.dll!DeleteService                                                     77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[752] ntdll.dll!LdrLoadDll                                                                            7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[752] ntdll.dll!LdrUnloadDll                                                                          7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!SetServiceObjectSecurity                                                           77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!ChangeServiceConfigA                                                               77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!ChangeServiceConfigA + 4                                                           77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!ChangeServiceConfigW                                                               77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!ChangeServiceConfigW + 4                                                           77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!ChangeServiceConfig2A                                                              77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!ChangeServiceConfig2W                                                              77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!CreateServiceA                                                                     77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!CreateServiceW                                                                     77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[752] ADVAPI32.dll!DeleteService                                                                      77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[752] USER32.dll!SetWindowsHookExW                                                                    7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[752] USER32.dll!UnhookWindowsHookEx                                                                  7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[752] USER32.dll!SetWindowsHookExA                                                                    7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[752] USER32.dll!SetWinEventHook                                                                      7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[752] USER32.dll!UnhookWinEvent                                                                       7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ntdll.dll!LdrLoadDll                                             7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ntdll.dll!LdrUnloadDll                                           7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!SetServiceObjectSecurity                            77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!ChangeServiceConfigA                                77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!ChangeServiceConfigA + 4                            77E06E6D 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!ChangeServiceConfigW                                77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!ChangeServiceConfigW + 4                            77E07005 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!ChangeServiceConfig2A                               77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!ChangeServiceConfig2W                               77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!CreateServiceA                                      77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!CreateServiceW                                      77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] ADVAPI32.dll!DeleteService                                       77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] USER32.dll!SetWindowsHookExW                                     7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] USER32.dll!UnhookWindowsHookEx                                   7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] USER32.dll!SetWindowsHookExA                                     7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] USER32.dll!SetWinEventHook                                       7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[784] USER32.dll!UnhookWinEvent                                        7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ntdll.dll!LdrLoadDll                                                   7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ntdll.dll!LdrUnloadDll                                                 7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!SetServiceObjectSecurity                                  77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!ChangeServiceConfigA                                      77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!ChangeServiceConfigA + 4                                  77E06E6D 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!ChangeServiceConfigW                                      77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!ChangeServiceConfigW + 4                                  77E07005 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!ChangeServiceConfig2A                                     77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!ChangeServiceConfig2W                                     77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!CreateServiceA                                            77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!CreateServiceW                                            77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] ADVAPI32.dll!DeleteService                                             77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] USER32.dll!SetWindowsHookExW                                           7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] USER32.dll!UnhookWindowsHookEx                                         7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] USER32.dll!SetWindowsHookExA                                           7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] USER32.dll!SetWinEventHook                                             7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe[804] USER32.dll!UnhookWinEvent                                              7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ntdll.dll!LdrLoadDll                   7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ntdll.dll!LdrUnloadDll                 7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!SetServiceObjectSecurity  77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!ChangeServiceConfigA      77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!ChangeServiceConfigA + 4  77E06E6D 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!ChangeServiceConfigW      77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!ChangeServiceConfigW + 4  77E07005 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!ChangeServiceConfig2A     77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!ChangeServiceConfig2W     77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!CreateServiceA            77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!CreateServiceW            77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] ADVAPI32.dll!DeleteService             77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] USER32.dll!SetWindowsHookExW           7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] USER32.dll!UnhookWindowsHookEx         7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] USER32.dll!SetWindowsHookExA           7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] USER32.dll!SetWinEventHook             7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe[828] USER32.dll!UnhookWinEvent              7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ntdll.dll!LdrLoadDll                             7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ntdll.dll!LdrUnloadDll                           7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] USER32.dll!SetWindowsHookExW                     7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] USER32.dll!UnhookWindowsHookEx                   7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] USER32.dll!SetWindowsHookExA                     7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] USER32.dll!SetWinEventHook                       7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] USER32.dll!UnhookWinEvent                        7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!SetServiceObjectSecurity            77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!ChangeServiceConfigA                77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!ChangeServiceConfigA + 4            77E06E6D 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!ChangeServiceConfigW                77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!ChangeServiceConfigW + 4            77E07005 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!ChangeServiceConfig2A               77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!ChangeServiceConfig2W               77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!CreateServiceA                      77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!CreateServiceW                      77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe[840] ADVAPI32.dll!DeleteService                       77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ntdll.dll!LdrLoadDll                                                                         7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ntdll.dll!LdrUnloadDll                                                                       7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!SetServiceObjectSecurity                                                        77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!ChangeServiceConfigA                                                            77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!ChangeServiceConfigA + 4                                                        77E06E6D 1 Byte  [EC]
.text           C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!ChangeServiceConfigW                                                            77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!ChangeServiceConfigW + 4                                                        77E07005 1 Byte  [EC]
.text           C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!ChangeServiceConfig2A                                                           77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!ChangeServiceConfig2W                                                           77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!CreateServiceA                                                                  77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!CreateServiceW                                                                  77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] ADVAPI32.dll!DeleteService                                                                   77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] USER32.dll!SetWindowsHookExW                                                                 7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] USER32.dll!UnhookWindowsHookEx                                                               7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] USER32.dll!SetWindowsHookExA                                                                 7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] USER32.dll!SetWinEventHook                                                                   7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FRITZ!DSL\IGDCTRL.EXE[864] USER32.dll!UnhookWinEvent                                                                    7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\winlogon.exe[940] ntdll.dll!LdrLoadDll                                                                           7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\winlogon.exe[940] ntdll.dll!LdrUnloadDll                                                                         7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!SetServiceObjectSecurity                                                          77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!ChangeServiceConfigA                                                              77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!ChangeServiceConfigA + 4                                                          77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!ChangeServiceConfigW                                                              77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!ChangeServiceConfigW + 4                                                          77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!ChangeServiceConfig2A                                                             77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!ChangeServiceConfig2W                                                             77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!CreateServiceA                                                                    77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!CreateServiceW                                                                    77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\winlogon.exe[940] ADVAPI32.dll!DeleteService                                                                     77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\winlogon.exe[940] USER32.dll!SetWindowsHookExW                                                                   7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\winlogon.exe[940] USER32.dll!UnhookWindowsHookEx                                                                 7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\winlogon.exe[940] USER32.dll!SetWindowsHookExA                                                                   7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\winlogon.exe[940] USER32.dll!SetWinEventHook                                                                     7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\winlogon.exe[940] USER32.dll!UnhookWinEvent                                                                      7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\services.exe[984] ntdll.dll!LdrLoadDll                                                                           7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\services.exe[984] ntdll.dll!LdrUnloadDll                                                                         7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!SetServiceObjectSecurity                                                          77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!ChangeServiceConfigA                                                              77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!ChangeServiceConfigA + 4                                                          77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!ChangeServiceConfigW                                                              77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!ChangeServiceConfigW + 4                                                          77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!ChangeServiceConfig2A                                                             77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!ChangeServiceConfig2W                                                             77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!CreateServiceA                                                                    77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!CreateServiceW                                                                    77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\services.exe[984] ADVAPI32.dll!DeleteService                                                                     77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\services.exe[984] USER32.dll!SetWindowsHookExW                                                                   7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\services.exe[984] USER32.dll!UnhookWindowsHookEx                                                                 7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\services.exe[984] USER32.dll!SetWindowsHookExA                                                                   7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\services.exe[984] USER32.dll!SetWinEventHook                                                                     7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\services.exe[984] USER32.dll!UnhookWinEvent                                                                      7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\lsass.exe[996] ntdll.dll!LdrLoadDll                                                                              7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\lsass.exe[996] ntdll.dll!LdrUnloadDll                                                                            7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!SetServiceObjectSecurity                                                             77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!ChangeServiceConfigA                                                                 77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!ChangeServiceConfigA + 4                                                             77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!ChangeServiceConfigW                                                                 77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!ChangeServiceConfigW + 4                                                             77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!ChangeServiceConfig2A                                                                77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!ChangeServiceConfig2W                                                                77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!CreateServiceA                                                                       77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!CreateServiceW                                                                       77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\lsass.exe[996] ADVAPI32.dll!DeleteService                                                                        77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\lsass.exe[996] USER32.dll!SetWindowsHookExW                                                                      7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\lsass.exe[996] USER32.dll!UnhookWindowsHookEx                                                                    7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\lsass.exe[996] USER32.dll!SetWindowsHookExA                                                                      7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\lsass.exe[996] USER32.dll!SetWinEventHook                                                                        7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\lsass.exe[996] USER32.dll!UnhookWinEvent                                                                         7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1172] ntdll.dll!LdrLoadDll                                                                           7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1172] ntdll.dll!LdrUnloadDll                                                                         7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!SetServiceObjectSecurity                                                          77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!ChangeServiceConfigA                                                              77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!ChangeServiceConfigA + 4                                                          77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!ChangeServiceConfigW                                                              77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!ChangeServiceConfigW + 4                                                          77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!ChangeServiceConfig2A                                                             77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!ChangeServiceConfig2W                                                             77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!CreateServiceA                                                                    77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!CreateServiceW                                                                    77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1172] ADVAPI32.dll!DeleteService                                                                     77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1172] USER32.dll!SetWindowsHookExW                                                                   7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1172] USER32.dll!UnhookWindowsHookEx                                                                 7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1172] USER32.dll!SetWindowsHookExA                                                                   7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1172] USER32.dll!SetWinEventHook                                                                     7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1172] USER32.dll!UnhookWinEvent                                                                      7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1240] ntdll.dll!LdrLoadDll                                                                           7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1240] ntdll.dll!LdrUnloadDll                                                                         7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!SetServiceObjectSecurity                                                          77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!ChangeServiceConfigA                                                              77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!ChangeServiceConfigA + 4                                                          77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!ChangeServiceConfigW                                                              77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!ChangeServiceConfigW + 4                                                          77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!ChangeServiceConfig2A                                                             77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!ChangeServiceConfig2W                                                             77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!CreateServiceA                                                                    77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!CreateServiceW                                                                    77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1240] ADVAPI32.dll!DeleteService                                                                     77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1240] USER32.dll!SetWindowsHookExW                                                                   7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1240] USER32.dll!UnhookWindowsHookEx                                                                 7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1240] USER32.dll!SetWindowsHookExA                                                                   7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1240] USER32.dll!SetWinEventHook                                                                     7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1240] USER32.dll!UnhookWinEvent                                                                      7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ntdll.dll!LdrLoadDll                                                    7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ntdll.dll!LdrUnloadDll                                                  7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!SetServiceObjectSecurity                                   77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!ChangeServiceConfigA                                       77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!ChangeServiceConfigA + 4                                   77E06E6D 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!ChangeServiceConfigW                                       77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!ChangeServiceConfigW + 4                                   77E07005 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!ChangeServiceConfig2A                                      77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!ChangeServiceConfig2W                                      77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!CreateServiceA                                             77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!CreateServiceW                                             77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] ADVAPI32.dll!DeleteService                                              77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] USER32.dll!SetWindowsHookExW                                            7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] USER32.dll!UnhookWindowsHookEx                                          7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] USER32.dll!SetWindowsHookExA                                            7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] USER32.dll!SetWinEventHook                                              7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe[1300] USER32.dll!UnhookWinEvent                                               7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[1328] ntdll.dll!LdrLoadDll                                                                           7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[1328] ntdll.dll!LdrUnloadDll                                                                         7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!SetServiceObjectSecurity                                                          77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!ChangeServiceConfigA                                                              77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!ChangeServiceConfigA + 4                                                          77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!ChangeServiceConfigW                                                              77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!ChangeServiceConfigW + 4                                                          77E07005 1 Byte  [EC]
.text           C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!ChangeServiceConfig2A                                                             77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!ChangeServiceConfig2W                                                             77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!CreateServiceA                                                                    77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!CreateServiceW                                                                    77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[1328] ADVAPI32.dll!DeleteService                                                                     77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[1328] USER32.dll!SetWindowsHookExW                                                                   7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[1328] USER32.dll!UnhookWindowsHookEx                                                                 7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[1328] USER32.dll!SetWindowsHookExA                                                                   7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[1328] USER32.dll!SetWinEventHook                                                                     7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[1328] USER32.dll!UnhookWinEvent                                                                      7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wscntfy.exe[1348] ntdll.dll!LdrLoadDll                                                                           7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wscntfy.exe[1348] ntdll.dll!LdrUnloadDll                                                                         7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wscntfy.exe[1348] USER32.dll!SetWindowsHookExW                                                                   7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wscntfy.exe[1348] USER32.dll!UnhookWindowsHookEx                                                                 7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wscntfy.exe[1348] USER32.dll!SetWindowsHookExA                                                                   7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wscntfy.exe[1348] USER32.dll!SetWinEventHook                                                                     7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wscntfy.exe[1348] USER32.dll!UnhookWinEvent                                                                      7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!SetServiceObjectSecurity                                                          77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!ChangeServiceConfigA                                                              77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!ChangeServiceConfigA + 4                                                          77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!ChangeServiceConfigW                                                              77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!ChangeServiceConfigW + 4                                                          77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!ChangeServiceConfig2A                                                             77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!ChangeServiceConfig2W                                                             77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!CreateServiceA                                                                    77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!CreateServiceW                                                                    77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wscntfy.exe[1348] ADVAPI32.dll!DeleteService                                                                     77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ntdll.dll!LdrLoadDll                                         7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ntdll.dll!LdrUnloadDll                                       7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!SetServiceObjectSecurity                        77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!ChangeServiceConfigA                            77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!ChangeServiceConfigA + 4                        77E06E6D 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!ChangeServiceConfigW                            77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!ChangeServiceConfigW + 4                        77E07005 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!ChangeServiceConfig2A                           77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!ChangeServiceConfig2W                           77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!CreateServiceA                                  77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!CreateServiceW                                  77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] ADVAPI32.dll!DeleteService                                   77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] USER32.dll!SetWindowsHookExW                                 7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] USER32.dll!UnhookWindowsHookEx                               7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] USER32.dll!SetWindowsHookExA                                 7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] USER32.dll!SetWinEventHook                                   7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1352] USER32.dll!UnhookWinEvent                                    7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1364] ntdll.dll!LdrLoadDll                                                                           7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1364] ntdll.dll!LdrUnloadDll                                                                         7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!SetServiceObjectSecurity                                                          77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!ChangeServiceConfigA                                                              77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!ChangeServiceConfigA + 4                                                          77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!ChangeServiceConfigW                                                              77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!ChangeServiceConfigW + 4                                                          77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!ChangeServiceConfig2A                                                             77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!ChangeServiceConfig2W                                                             77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!CreateServiceA                                                                    77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!CreateServiceW                                                                    77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1364] ADVAPI32.dll!DeleteService                                                                     77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1364] USER32.dll!SetWindowsHookExW                                                                   7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1364] USER32.dll!UnhookWindowsHookEx                                                                 7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1364] USER32.dll!SetWindowsHookExA                                                                   7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1364] USER32.dll!SetWinEventHook                                                                     7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1364] USER32.dll!UnhookWinEvent                                                                      7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1428] ntdll.dll!LdrLoadDll                                                                           7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1428] ntdll.dll!LdrUnloadDll                                                                         7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!SetServiceObjectSecurity                                                          77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!ChangeServiceConfigA                                                              77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!ChangeServiceConfigA + 4                                                          77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!ChangeServiceConfigW                                                              77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!ChangeServiceConfigW + 4                                                          77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!ChangeServiceConfig2A                                                             77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!ChangeServiceConfig2W                                                             77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!CreateServiceA                                                                    77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!CreateServiceW                                                                    77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1428] ADVAPI32.dll!DeleteService                                                                     77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1428] USER32.dll!SetWindowsHookExW                                                                   7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1428] USER32.dll!UnhookWindowsHookEx                                                                 7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1428] USER32.dll!SetWindowsHookExA                                                                   7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1428] USER32.dll!SetWinEventHook                                                                     7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1428] USER32.dll!UnhookWinEvent                                                                      7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ntdll.dll!LdrLoadDll                                                       7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ntdll.dll!LdrUnloadDll                                                     7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] USER32.dll!SetWindowsHookExW                                               7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] USER32.dll!UnhookWindowsHookEx                                             7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] USER32.dll!SetWindowsHookExA                                               7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] USER32.dll!SetWinEventHook                                                 7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] USER32.dll!UnhookWinEvent                                                  7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!SetServiceObjectSecurity                                      77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!ChangeServiceConfigA                                          77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!ChangeServiceConfigA + 4                                      77E06E6D 1 Byte  [EC]
.text           C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!ChangeServiceConfigW                                          77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!ChangeServiceConfigW + 4                                      77E07005 1 Byte  [EC]
.text           C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!ChangeServiceConfig2A                                         77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!ChangeServiceConfig2W                                         77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!CreateServiceA                                                77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!CreateServiceW                                                77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe[1456] ADVAPI32.dll!DeleteService                                                 77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1544] ntdll.dll!LdrLoadDll                                                                           7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1544] ntdll.dll!LdrUnloadDll                                                                         7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!SetServiceObjectSecurity                                                          77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!ChangeServiceConfigA                                                              77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!ChangeServiceConfigA + 4                                                          77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!ChangeServiceConfigW                                                              77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!ChangeServiceConfigW + 4                                                          77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!ChangeServiceConfig2A                                                             77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!ChangeServiceConfig2W                                                             77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!CreateServiceA                                                                    77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!CreateServiceW                                                                    77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1544] ADVAPI32.dll!DeleteService                                                                     77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1544] USER32.dll!SetWindowsHookExW                                                                   7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1544] USER32.dll!UnhookWindowsHookEx                                                                 7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1544] USER32.dll!SetWindowsHookExA                                                                   7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1544] USER32.dll!SetWinEventHook                                                                     7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1544] USER32.dll!UnhookWinEvent                                                                      7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\IoctlSvc.exe[1560] ntdll.dll!LdrLoadDll                                                                          7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\IoctlSvc.exe[1560] ntdll.dll!LdrUnloadDll                                                                        7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!SetServiceObjectSecurity                                                         77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!ChangeServiceConfigA                                                             77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!ChangeServiceConfigA + 4                                                         77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!ChangeServiceConfigW                                                             77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!ChangeServiceConfigW + 4                                                         77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!ChangeServiceConfig2A                                                            77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!ChangeServiceConfig2W                                                            77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!CreateServiceA                                                                   77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!CreateServiceW                                                                   77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\IoctlSvc.exe[1560] ADVAPI32.dll!DeleteService                                                                    77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\IoctlSvc.exe[1560] USER32.dll!SetWindowsHookExW                                                                  7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\IoctlSvc.exe[1560] USER32.dll!UnhookWindowsHookEx                                                                7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\IoctlSvc.exe[1560] USER32.dll!SetWindowsHookExA                                                                  7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\IoctlSvc.exe[1560] USER32.dll!SetWinEventHook                                                                    7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\IoctlSvc.exe[1560] USER32.dll!UnhookWinEvent                                                                     7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\HPZipm12.exe[1704] ntdll.dll!LdrLoadDll                                                                          7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\HPZipm12.exe[1704] ntdll.dll!LdrUnloadDll                                                                        7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!SetServiceObjectSecurity                                                         77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!ChangeServiceConfigA                                                             77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!ChangeServiceConfigA + 4                                                         77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!ChangeServiceConfigW                                                             77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!ChangeServiceConfigW + 4                                                         77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!ChangeServiceConfig2A                                                            77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!ChangeServiceConfig2W                                                            77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!CreateServiceA                                                                   77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!CreateServiceW                                                                   77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\HPZipm12.exe[1704] ADVAPI32.dll!DeleteService                                                                    77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\HPZipm12.exe[1704] USER32.dll!SetWindowsHookExW                                                                  7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\HPZipm12.exe[1704] USER32.dll!UnhookWindowsHookEx                                                                7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\HPZipm12.exe[1704] USER32.dll!SetWindowsHookExA                                                                  7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\HPZipm12.exe[1704] USER32.dll!SetWinEventHook                                                                    7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\HPZipm12.exe[1704] USER32.dll!UnhookWinEvent                                                                     7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Alwil Software\Avast5\AvastSvc.exe[1752] kernel32.dll!SetUnhandledExceptionFilter                                       7C84495D 4 Bytes  [C2, 04, 00, 90] {RET 0x4; NOP }
.text           C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ntdll.dll!LdrLoadDll                                                          7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ntdll.dll!LdrUnloadDll                                                        7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!SetServiceObjectSecurity                                         77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!ChangeServiceConfigA                                             77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!ChangeServiceConfigA + 4                                         77E06E6D 1 Byte  [EC]
.text           C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!ChangeServiceConfigW                                             77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!ChangeServiceConfigW + 4                                         77E07005 1 Byte  [EC]
         
__________________


Alt 14.02.2011, 19:40   #3
Lastenmuli
 
Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.. - Standard

Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen..



  • Gmer.txt Teil2
Code:
ATTFilter
.text           C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!ChangeServiceConfig2A                                            77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!ChangeServiceConfig2W                                            77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!CreateServiceA                                                   77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!CreateServiceW                                                   77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] ADVAPI32.dll!DeleteService                                                    77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] USER32.dll!SetWindowsHookExW                                                  7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] USER32.dll!UnhookWindowsHookEx                                                7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] USER32.dll!SetWindowsHookExA                                                  7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] USER32.dll!SetWinEventHook                                                    7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMAgent.exe[1788] USER32.dll!UnhookWinEvent                                                     7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1828] ntdll.dll!LdrLoadDll                                                                           7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1828] ntdll.dll!LdrUnloadDll                                                                         7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!SetServiceObjectSecurity                                                          77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!ChangeServiceConfigA                                                              77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!ChangeServiceConfigA + 4                                                          77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!ChangeServiceConfigW                                                              77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!ChangeServiceConfigW + 4                                                          77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!ChangeServiceConfig2A                                                             77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!ChangeServiceConfig2W                                                             77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!CreateServiceA                                                                    77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!CreateServiceW                                                                    77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1828] ADVAPI32.dll!DeleteService                                                                     77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1828] USER32.dll!SetWindowsHookExW                                                                   7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1828] USER32.dll!UnhookWindowsHookEx                                                                 7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1828] USER32.dll!SetWindowsHookExA                                                                   7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1828] USER32.dll!SetWinEventHook                                                                     7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\svchost.exe[1828] USER32.dll!UnhookWinEvent                                                                      7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ntdll.dll!LdrLoadDll                                                          7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ntdll.dll!LdrUnloadDll                                                        7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!SetServiceObjectSecurity                                         77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!ChangeServiceConfigA                                             77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!ChangeServiceConfigA + 4                                         77E06E6D 1 Byte  [EC]
.text           C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!ChangeServiceConfigW                                             77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!ChangeServiceConfigW + 4                                         77E07005 1 Byte  [EC]
.text           C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!ChangeServiceConfig2A                                            77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!ChangeServiceConfig2W                                            77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!CreateServiceA                                                   77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!CreateServiceW                                                   77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\TomTom HOME 2\TomTomHOMEService.exe[2080] ADVAPI32.dll!DeleteService                                                    77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Dokumente und Einstellungen\User\Desktop\g2m3e4r.exe[2116] ntdll.dll!LdrLoadDll                                                   7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Dokumente und Einstellungen\User\Desktop\g2m3e4r.exe[2116] ntdll.dll!LdrUnloadDll                                                 7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wuauclt.exe[2280] ntdll.dll!LdrLoadDll                                                                           7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wuauclt.exe[2280] ntdll.dll!LdrUnloadDll                                                                         7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!SetServiceObjectSecurity                                                          77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!ChangeServiceConfigA                                                              77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!ChangeServiceConfigA + 4                                                          77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!ChangeServiceConfigW                                                              77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!ChangeServiceConfigW + 4                                                          77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!ChangeServiceConfig2A                                                             77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!ChangeServiceConfig2W                                                             77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!CreateServiceA                                                                    77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!CreateServiceW                                                                    77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wuauclt.exe[2280] ADVAPI32.dll!DeleteService                                                                     77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wuauclt.exe[2280] USER32.dll!SetWindowsHookExW                                                                   7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wuauclt.exe[2280] USER32.dll!UnhookWindowsHookEx                                                                 7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wuauclt.exe[2280] USER32.dll!SetWindowsHookExA                                                                   7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wuauclt.exe[2280] USER32.dll!SetWinEventHook                                                                     7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\wuauclt.exe[2280] USER32.dll!UnhookWinEvent                                                                      7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ntdll.dll!LdrLoadDll                                            7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ntdll.dll!LdrUnloadDll                                          7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!SetServiceObjectSecurity                           77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!ChangeServiceConfigA                               77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!ChangeServiceConfigA + 4                           77E06E6D 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!ChangeServiceConfigW                               77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!ChangeServiceConfigW + 4                           77E07005 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!ChangeServiceConfig2A                              77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!ChangeServiceConfig2W                              77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!CreateServiceA                                     77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!CreateServiceW                                     77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] ADVAPI32.dll!DeleteService                                      77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] USER32.dll!SetWindowsHookExW                                    7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] USER32.dll!UnhookWindowsHookEx                                  7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] USER32.dll!SetWindowsHookExA                                    7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] USER32.dll!SetWinEventHook                                      7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe[2472] USER32.dll!UnhookWinEvent                                       7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\alg.exe[2560] ntdll.dll!LdrLoadDll                                                                               7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\alg.exe[2560] ntdll.dll!LdrUnloadDll                                                                             7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\alg.exe[2560] USER32.dll!SetWindowsHookExW                                                                       7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\alg.exe[2560] USER32.dll!UnhookWindowsHookEx                                                                     7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\alg.exe[2560] USER32.dll!SetWindowsHookExA                                                                       7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\alg.exe[2560] USER32.dll!SetWinEventHook                                                                         7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\alg.exe[2560] USER32.dll!UnhookWinEvent                                                                          7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!SetServiceObjectSecurity                                                              77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!ChangeServiceConfigA                                                                  77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!ChangeServiceConfigA + 4                                                              77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!ChangeServiceConfigW                                                                  77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!ChangeServiceConfigW + 4                                                              77E07005 1 Byte  [EC]
.text           C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!ChangeServiceConfig2A                                                                 77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!ChangeServiceConfig2W                                                                 77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!CreateServiceA                                                                        77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!CreateServiceW                                                                        77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\alg.exe[2560] ADVAPI32.dll!DeleteService                                                                         77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\Explorer.EXE[2860] ntdll.dll!LdrLoadDll                                                                                   7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\Explorer.EXE[2860] ntdll.dll!LdrUnloadDll                                                                                 7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!SetServiceObjectSecurity                                                                  77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!ChangeServiceConfigA                                                                      77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!ChangeServiceConfigA + 4                                                                  77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!ChangeServiceConfigW                                                                      77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!ChangeServiceConfigW + 4                                                                  77E07005 1 Byte  [EC]
.text           C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!ChangeServiceConfig2A                                                                     77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!ChangeServiceConfig2W                                                                     77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!CreateServiceA                                                                            77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!CreateServiceW                                                                            77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\Explorer.EXE[2860] ADVAPI32.dll!DeleteService                                                                             77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\Explorer.EXE[2860] USER32.dll!SetWindowsHookExW                                                                           7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\Explorer.EXE[2860] USER32.dll!UnhookWindowsHookEx                                                                         7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\Explorer.EXE[2860] USER32.dll!SetWindowsHookExA                                                                           7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\Explorer.EXE[2860] USER32.dll!SetWinEventHook                                                                             7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\Explorer.EXE[2860] USER32.dll!UnhookWinEvent                                                                              7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ntdll.dll!LdrLoadDll                                                         7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ntdll.dll!LdrUnloadDll                                                       7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!SetServiceObjectSecurity                                        77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!ChangeServiceConfigA                                            77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!ChangeServiceConfigA + 4                                        77E06E6D 1 Byte  [EC]
.text           C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!ChangeServiceConfigW                                            77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!ChangeServiceConfigW + 4                                        77E07005 1 Byte  [EC]
.text           C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!ChangeServiceConfig2A                                           77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!ChangeServiceConfig2W                                           77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!CreateServiceA                                                  77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!CreateServiceW                                                  77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] ADVAPI32.dll!DeleteService                                                   77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] USER32.dll!SetWindowsHookExW                                                 7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] USER32.dll!UnhookWindowsHookEx                                               7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] USER32.dll!SetWindowsHookExA                                                 7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] USER32.dll!SetWinEventHook                                                   7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe[3096] USER32.dll!UnhookWinEvent                                                    7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ntdll.dll!LdrLoadDll                                                   7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ntdll.dll!LdrUnloadDll                                                 7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] USER32.dll!SetWindowsHookExW                                           7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] USER32.dll!UnhookWindowsHookEx                                         7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] USER32.dll!SetWindowsHookExA                                           7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] USER32.dll!SetWinEventHook                                             7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] USER32.dll!UnhookWinEvent                                              7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!SetServiceObjectSecurity                                  77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!ChangeServiceConfigA                                      77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!ChangeServiceConfigA + 4                                  77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!ChangeServiceConfigW                                      77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!ChangeServiceConfigW + 4                                  77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!ChangeServiceConfig2A                                     77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!ChangeServiceConfig2W                                     77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!CreateServiceA                                            77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!CreateServiceW                                            77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe[3120] ADVAPI32.dll!DeleteService                                             77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ntdll.dll!LdrLoadDll                                                             7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ntdll.dll!LdrUnloadDll                                                           7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!SetServiceObjectSecurity                                            77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!ChangeServiceConfigA                                                77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!ChangeServiceConfigA + 4                                            77E06E6D 1 Byte  [EC]
.text           C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!ChangeServiceConfigW                                                77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!ChangeServiceConfigW + 4                                            77E07005 1 Byte  [EC]
.text           C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!ChangeServiceConfig2A                                               77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!ChangeServiceConfig2W                                               77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!CreateServiceA                                                      77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!CreateServiceW                                                      77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] ADVAPI32.dll!DeleteService                                                       77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] USER32.dll!SetWindowsHookExW                                                     7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] USER32.dll!UnhookWindowsHookEx                                                   7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] USER32.dll!SetWindowsHookExA                                                     7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] USER32.dll!SetWinEventHook                                                       7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Java\jre1.6.0_05\bin\jusched.exe[3128] USER32.dll!UnhookWinEvent                                                        7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ntdll.dll!LdrLoadDll                                                               7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ntdll.dll!LdrUnloadDll                                                             7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!SetServiceObjectSecurity                                              77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!ChangeServiceConfigA                                                  77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!ChangeServiceConfigA + 4                                              77E06E6D 1 Byte  [EC]
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!ChangeServiceConfigW                                                  77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!ChangeServiceConfigW + 4                                              77E07005 1 Byte  [EC]
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!ChangeServiceConfig2A                                                 77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!ChangeServiceConfig2W                                                 77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!CreateServiceA                                                        77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!CreateServiceW                                                        77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] ADVAPI32.dll!DeleteService                                                         77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!DialogBoxParamW                                                         7E3747AB 5 Bytes  JMP 41195501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!SetWindowsHookExW                                                       7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!CreateWindowExW                                                         7E37D0A3 5 Bytes  JMP 4126DB6C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!UnhookWindowsHookEx                                                     7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!SetWindowsHookExA                                                       7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!SetWinEventHook                                                         7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!UnhookWinEvent                                                          7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!DialogBoxIndirectParamW                                                 7E382072 5 Bytes  JMP 4136502F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!MessageBoxIndirectA                                                     7E38A082 5 Bytes  JMP 41364F61 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!DialogBoxParamA                                                         7E38B144 5 Bytes  JMP 41364FCC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!MessageBoxExW                                                           7E3A0838 5 Bytes  JMP 41364E32 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!MessageBoxExA                                                           7E3A085C 5 Bytes  JMP 41364E94 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!DialogBoxIndirectParamA                                                 7E3A6D7D 5 Bytes  JMP 41365092 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3208] USER32.dll!MessageBoxIndirectW                                                     7E3B64D5 5 Bytes  JMP 41364EF6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\WINDOWS\system32\umonit.exe[3616] ntdll.dll!LdrLoadDll                                                                            7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\umonit.exe[3616] ntdll.dll!LdrUnloadDll                                                                          7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\umonit.exe[3616] USER32.dll!SetWindowsHookExW                                                                    7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\umonit.exe[3616] USER32.dll!UnhookWindowsHookEx                                                                  7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\umonit.exe[3616] USER32.dll!SetWindowsHookExA                                                                    7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\umonit.exe[3616] USER32.dll!SetWinEventHook                                                                      7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\umonit.exe[3616] USER32.dll!UnhookWinEvent                                                                       7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!SetServiceObjectSecurity                                                           77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!ChangeServiceConfigA                                                               77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!ChangeServiceConfigA + 4                                                           77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!ChangeServiceConfigW                                                               77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!ChangeServiceConfigW + 4                                                           77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!ChangeServiceConfig2A                                                              77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!ChangeServiceConfig2W                                                              77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!CreateServiceA                                                                     77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!CreateServiceW                                                                     77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\umonit.exe[3616] ADVAPI32.dll!DeleteService                                                                      77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ntdll.dll!LdrLoadDll                                              7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ntdll.dll!LdrUnloadDll                                            7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!SetServiceObjectSecurity                             77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!ChangeServiceConfigA                                 77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!ChangeServiceConfigA + 4                             77E06E6D 1 Byte  [EC]
.text           C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!ChangeServiceConfigW                                 77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!ChangeServiceConfigW + 4                             77E07005 1 Byte  [EC]
.text           C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!ChangeServiceConfig2A                                77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!ChangeServiceConfig2W                                77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!CreateServiceA                                       77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!CreateServiceW                                       77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] ADVAPI32.dll!DeleteService                                        77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] USER32.dll!SetWindowsHookExW                                      7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] USER32.dll!UnhookWindowsHookEx                                    7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] USER32.dll!SetWindowsHookExA                                      7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] USER32.dll!SetWinEventHook                                        7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe[3624] USER32.dll!UnhookWinEvent                                         7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ntdll.dll!LdrLoadDll                                                          7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ntdll.dll!LdrUnloadDll                                                        7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] USER32.dll!SetWindowsHookExW                                                  7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] USER32.dll!UnhookWindowsHookEx                                                7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] USER32.dll!SetWindowsHookExA                                                  7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] USER32.dll!SetWinEventHook                                                    7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] USER32.dll!UnhookWinEvent                                                     7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!SetServiceObjectSecurity                                         77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!ChangeServiceConfigA                                             77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!ChangeServiceConfigA + 4                                         77E06E6D 1 Byte  [EC]
.text           C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!ChangeServiceConfigW                                             77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!ChangeServiceConfigW + 4                                         77E07005 1 Byte  [EC]
.text           C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!ChangeServiceConfig2A                                            77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!ChangeServiceConfig2W                                            77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!CreateServiceA                                                   77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!CreateServiceW                                                   77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\HP\HP Software Update\HPWuSchd2.exe[3632] ADVAPI32.dll!DeleteService                                                    77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FreePDF_XP\fpassist.exe[3664] ntdll.dll!LdrLoadDll                                                                      7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FreePDF_XP\fpassist.exe[3664] ntdll.dll!LdrUnloadDll                                                                    7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FreePDF_XP\fpassist.exe[3664] USER32.dll!SetWindowsHookExW                                                              7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FreePDF_XP\fpassist.exe[3664] USER32.dll!UnhookWindowsHookEx                                                            7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FreePDF_XP\fpassist.exe[3664] USER32.dll!SetWindowsHookExA                                                              7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FreePDF_XP\fpassist.exe[3664] USER32.dll!SetWinEventHook                                                                7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FreePDF_XP\fpassist.exe[3664] USER32.dll!UnhookWinEvent                                                                 7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!SetServiceObjectSecurity                                                     77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!ChangeServiceConfigA                                                         77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!ChangeServiceConfigA + 4                                                     77E06E6D 1 Byte  [EC]
.text           C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!ChangeServiceConfigW                                                         77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!ChangeServiceConfigW + 4                                                     77E07005 1 Byte  [EC]
.text           C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!ChangeServiceConfig2A                                                        77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!ChangeServiceConfig2W                                                        77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!CreateServiceA                                                               77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!CreateServiceW                                                               77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\FreePDF_XP\fpassist.exe[3664] ADVAPI32.dll!DeleteService                                                                77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[3688] ntdll.dll!LdrLoadDll                                                                           7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[3688] ntdll.dll!LdrUnloadDll                                                                         7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!SetServiceObjectSecurity                                                          77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!ChangeServiceConfigA                                                              77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!ChangeServiceConfigA + 4                                                          77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!ChangeServiceConfigW                                                              77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!ChangeServiceConfigW + 4                                                          77E07005 1 Byte  [EC]
.text           C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!ChangeServiceConfig2A                                                             77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!ChangeServiceConfig2W                                                             77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!CreateServiceA                                                                    77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!CreateServiceW                                                                    77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[3688] ADVAPI32.dll!DeleteService                                                                     77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[3688] USER32.dll!SetWindowsHookExW                                                                   7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[3688] USER32.dll!UnhookWindowsHookEx                                                                 7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[3688] USER32.dll!SetWindowsHookExA                                                                   7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[3688] USER32.dll!SetWinEventHook                                                                     7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\System32\svchost.exe[3688] USER32.dll!UnhookWinEvent                                                                      7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ntdll.dll!LdrLoadDll                                                   7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ntdll.dll!LdrUnloadDll                                                 7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!SetServiceObjectSecurity                                  77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!ChangeServiceConfigA                                      77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!ChangeServiceConfigA + 4                                  77E06E6D 1 Byte  [EC]
.text           C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!ChangeServiceConfigW                                      77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!ChangeServiceConfigW + 4                                  77E07005 1 Byte  [EC]
.text           C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!ChangeServiceConfig2A                                     77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!ChangeServiceConfig2W                                     77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!CreateServiceA                                            77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!CreateServiceW                                            77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] ADVAPI32.dll!DeleteService                                             77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] USER32.dll!SetWindowsHookExW                                           7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] USER32.dll!UnhookWindowsHookEx                                         7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] USER32.dll!SetWindowsHookExA                                           7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] USER32.dll!SetWinEventHook                                             7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe[3732] USER32.dll!UnhookWinEvent                                              7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ntdll.dll!LdrLoadDll                                                               7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ntdll.dll!LdrUnloadDll                                                             7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!SetServiceObjectSecurity                                              77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!ChangeServiceConfigA                                                  77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!ChangeServiceConfigA + 4                                              77E06E6D 1 Byte  [EC]
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!ChangeServiceConfigW                                                  77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!ChangeServiceConfigW + 4                                              77E07005 1 Byte  [EC]
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!ChangeServiceConfig2A                                                 77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!ChangeServiceConfig2W                                                 77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!CreateServiceA                                                        77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!CreateServiceW                                                        77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ADVAPI32.dll!DeleteService                                                         77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!DialogBoxParamW                                                         7E3747AB 5 Bytes  JMP 41195501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!SetWindowsHookExW                                                       7E37820F 5 Bytes  JMP 41269B15 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!CallNextHookEx                                                          7E37B3C6 5 Bytes  JMP 4125D16D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!CreateWindowExW                                                         7E37D0A3 5 Bytes  JMP 4126DB6C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!UnhookWindowsHookEx                                                     7E37D5F3 5 Bytes  JMP 411D4666 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!SetWindowsHookExA                                                       7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!SetWinEventHook                                                         7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!UnhookWinEvent                                                          7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!DialogBoxIndirectParamW                                                 7E382072 5 Bytes  JMP 4136502F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!MessageBoxIndirectA                                                     7E38A082 5 Bytes  JMP 41364F61 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!DialogBoxParamA                                                         7E38B144 5 Bytes  JMP 41364FCC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!MessageBoxExW                                                           7E3A0838 5 Bytes  JMP 41364E32 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!MessageBoxExA                                                           7E3A085C 5 Bytes  JMP 41364E94 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!DialogBoxIndirectParamA                                                 7E3A6D7D 5 Bytes  JMP 41365092 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] USER32.dll!MessageBoxIndirectW                                                     7E3B64D5 5 Bytes  JMP 41364EF6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ole32.dll!CoCreateInstance                                                         774CF1AC 5 Bytes  JMP 4126DBC8 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Internet Explorer\IEXPLORE.EXE[3748] ole32.dll!OleLoadFromStream                                                        774F981B 5 Bytes  JMP 413653B0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ntdll.dll!LdrLoadDll                                            7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ntdll.dll!LdrUnloadDll                                          7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!SetServiceObjectSecurity                           77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!ChangeServiceConfigA                               77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!ChangeServiceConfigA + 4                           77E06E6D 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!ChangeServiceConfigW                               77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!ChangeServiceConfigW + 4                           77E07005 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!ChangeServiceConfig2A                              77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!ChangeServiceConfig2W                              77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!CreateServiceA                                     77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!CreateServiceW                                     77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] ADVAPI32.dll!DeleteService                                      77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] USER32.dll!SetWindowsHookExW                                    7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] USER32.dll!UnhookWindowsHookEx                                  7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] USER32.dll!SetWindowsHookExA                                    7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] USER32.dll!SetWinEventHook                                      7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[3752] USER32.dll!UnhookWinEvent                                       7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ntdll.dll!LdrLoadDll                      7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ntdll.dll!LdrUnloadDll                    7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!SetServiceObjectSecurity     77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
         
__________________

Alt 14.02.2011, 19:42   #4
Lastenmuli
 
Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.. - Standard

Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen..



  • Gmer.txt Teil3
Code:
ATTFilter
.text           C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!ChangeServiceConfigA         77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!ChangeServiceConfigA + 4     77E06E6D 1 Byte  [EC]
.text           C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!ChangeServiceConfigW         77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!ChangeServiceConfigW + 4     77E07005 1 Byte  [EC]
.text           C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!ChangeServiceConfig2A        77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!ChangeServiceConfig2W        77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!CreateServiceA               77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!CreateServiceW               77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] ADVAPI32.dll!DeleteService                77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] USER32.dll!SetWindowsHookExW              7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] USER32.dll!UnhookWindowsHookEx            7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] USER32.dll!SetWindowsHookExA              7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] USER32.dll!SetWinEventHook                7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3772] USER32.dll!UnhookWinEvent                 7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ntdll.dll!LdrLoadDll                                                        7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ntdll.dll!LdrUnloadDll                                                      7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] USER32.dll!SetWindowsHookExW                                                7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] USER32.dll!UnhookWindowsHookEx                                              7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] USER32.dll!SetWindowsHookExA                                                7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] USER32.dll!SetWinEventHook                                                  7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] USER32.dll!UnhookWinEvent                                                   7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!SetServiceObjectSecurity                                       77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!ChangeServiceConfigA                                           77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!ChangeServiceConfigA + 4                                       77E06E6D 1 Byte  [EC]
.text           C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!ChangeServiceConfigW                                           77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!ChangeServiceConfigW + 4                                       77E07005 1 Byte  [EC]
.text           C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!ChangeServiceConfig2A                                          77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!ChangeServiceConfig2W                                          77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!CreateServiceA                                                 77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!CreateServiceW                                                 77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe[3812] ADVAPI32.dll!DeleteService                                                  77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\ctfmon.exe[3892] ntdll.dll!LdrLoadDll                                                                            7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\ctfmon.exe[3892] ntdll.dll!LdrUnloadDll                                                                          7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!SetServiceObjectSecurity                                                           77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!ChangeServiceConfigA                                                               77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!ChangeServiceConfigA + 4                                                           77E06E6D 1 Byte  [EC]
.text           C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!ChangeServiceConfigW                                                               77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!ChangeServiceConfigW + 4                                                           77E07005 1 Byte  [EC]
.text           C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!ChangeServiceConfig2A                                                              77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!ChangeServiceConfig2W                                                              77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!CreateServiceA                                                                     77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!CreateServiceW                                                                     77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\ctfmon.exe[3892] ADVAPI32.dll!DeleteService                                                                      77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\ctfmon.exe[3892] USER32.dll!SetWindowsHookExW                                                                    7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\ctfmon.exe[3892] USER32.dll!UnhookWindowsHookEx                                                                  7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\ctfmon.exe[3892] USER32.dll!SetWindowsHookExA                                                                    7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\ctfmon.exe[3892] USER32.dll!SetWinEventHook                                                                      7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\WINDOWS\system32\ctfmon.exe[3892] USER32.dll!UnhookWinEvent                                                                       7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe[4068] ntdll.dll!LdrLoadDll                                                                7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe[4068] ntdll.dll!LdrUnloadDll                                                              7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ntdll.dll!LdrLoadDll                                                           7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ntdll.dll!LdrUnloadDll                                                         7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] kernel32.dll!SetUnhandledExceptionFilter                                       7C84495D 5 Bytes  JMP 0056DBBD C:\Programme\Windows Live\Messenger\MsnMsgr.Exe (Windows Live Messenger/Microsoft Corporation)
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!SetServiceObjectSecurity                                          77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!ChangeServiceConfigA                                              77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!ChangeServiceConfigA + 4                                          77E06E6D 1 Byte  [EC]
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!ChangeServiceConfigW                                              77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!ChangeServiceConfigW + 4                                          77E07005 1 Byte  [EC]
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!ChangeServiceConfig2A                                             77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!ChangeServiceConfig2W                                             77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!CreateServiceA                                                    77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!CreateServiceW                                                    77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] ADVAPI32.dll!DeleteService                                                     77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] USER32.dll!SetWindowsHookExW                                                   7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] USER32.dll!UnhookWindowsHookEx                                                 7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] USER32.dll!SetWindowsHookExA                                                   7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] USER32.dll!SetWinEventHook                                                     7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Windows Live\Messenger\MsnMsgr.Exe[4080] USER32.dll!UnhookWinEvent                                                      7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ntdll.dll!LdrLoadDll                                              7C92632D 5 Bytes  JMP 64D06950 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ntdll.dll!LdrUnloadDll                                            7C9271CD 5 Bytes  JMP 64D069B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!SetServiceObjectSecurity                             77E06D81 5 Bytes  JMP 64D09D40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!ChangeServiceConfigA                                 77E06E69 3 Bytes  JMP 64D07AE0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!ChangeServiceConfigA + 4                             77E06E6D 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!ChangeServiceConfigW                                 77E07001 3 Bytes  JMP 64D07ED0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!ChangeServiceConfigW + 4                             77E07005 1 Byte  [EC]
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!ChangeServiceConfig2A                                77E07101 5 Bytes  JMP 64D08290 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!ChangeServiceConfig2W                                77E07189 5 Bytes  JMP 64D083C0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!CreateServiceA                                       77E07211 5 Bytes  JMP 64D06E40 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!CreateServiceW                                       77E073A9 5 Bytes  JMP 64D072B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] ADVAPI32.dll!DeleteService                                        77E074B1 5 Bytes  JMP 64D078E0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] USER32.dll!SetWindowsHookExW                                      7E37820F 5 Bytes  JMP 64D0BB30 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] USER32.dll!UnhookWindowsHookEx                                    7E37D5F3 5 Bytes  JMP 64D0BCB0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] USER32.dll!SetWindowsHookExA                                      7E381211 5 Bytes  JMP 64D0B9B0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] USER32.dll!SetWinEventHook                                        7E3817F7 5 Bytes  JMP 64D0B720 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text           C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe[4092] USER32.dll!UnhookWinEvent                                         7E3818AC 5 Bytes  JMP 64D0B8A0 C:\Programme\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)

---- Devices - GMER 1.0.15 ----

Device          \FileSystem\Ntfs \Ntfs                                                                                                               aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                                                               tdrpm251.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                                                               aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice  \Driver\Tcpip \Device\Ip                                                                                                             aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                                            aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume1                                                                                               tdrpm251.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume1                                                                                               fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume2                                                                                               tdrpm251.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice  \Driver\Ftdisk \Device\HarddiskVolume2                                                                                               fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice  \Driver\Tcpip \Device\Udp                                                                                                            aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice  \Driver\Tcpip \Device\RawIp                                                                                                          aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)                                 
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                      C:\Programme\Alcohol Soft\Alcohol 120\
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                      0
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                   0x57 0x6E 0xA4 0x55 ...
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)                        
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                             0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                          0x45 0x59 0xDD 0x78 ...
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)                 
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                   0xED 0xF0 0xD3 0x60 ...
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                                 
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                      C:\Programme\DAEMON Tools Pro\
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                      1
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                   0xE3 0x81 0xF6 0x94 ...
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)                        
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                             0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                          0xB8 0x2D 0x1E 0x5D ...
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)                   
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                     0x8C 0x2A 0x15 0xC3 ...
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002 (not active ControlSet)                        
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@a0                                             0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@hdf12                                          0x2A 0x2A 0xBC 0x6C ...
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0 (not active ControlSet)                   
Reg             HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0@hdf12                                     0xF1 0x05 0xE2 0x9B ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)                                 
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                      C:\Programme\Alcohol Soft\Alcohol 120\
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                      0
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                   0x57 0x6E 0xA4 0x55 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)                        
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                             0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                          0x45 0x59 0xDD 0x78 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)                 
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                   0xED 0xF0 0xD3 0x60 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                                 
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                      C:\Programme\DAEMON Tools Pro\
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                      1
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                   0xE3 0x81 0xF6 0x94 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)                        
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                             0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                          0xB8 0x2D 0x1E 0x5D ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)                   
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                     0x8C 0x2A 0x15 0xC3 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002 (not active ControlSet)                        
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@a0                                             0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@hdf12                                          0x2A 0x2A 0xBC 0x6C ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0 (not active ControlSet)                   
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0@hdf12                                     0x0E 0x0F 0x9B 0xA4 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)                                 
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                      C:\Programme\Alcohol Soft\Alcohol 120\
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                      0
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                   0x57 0x6E 0xA4 0x55 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)                        
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                             0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                          0x45 0x59 0xDD 0x78 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)                 
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                   0xED 0xF0 0xD3 0x60 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                                 
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                      C:\Programme\DAEMON Tools Pro\
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                      1
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                   0xE3 0x81 0xF6 0x94 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)                        
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                             0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                          0xB8 0x2D 0x1E 0x5D ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)                   
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                     0x8C 0x2A 0x15 0xC3 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002 (not active ControlSet)                        
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@a0                                             0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@hdf12                                          0x2A 0x2A 0xBC 0x6C ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0 (not active ControlSet)                   
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0@hdf12                                     0xB3 0x71 0x49 0xC4 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04                                                     
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                  C:\Programme\Alcohol Soft\Alcohol 120\
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                  0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                               0x57 0x6E 0xA4 0x55 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001                                            
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                         0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                      0x45 0x59 0xDD 0x78 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40                                     
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                               0xED 0xF0 0xD3 0x60 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                                     
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                  C:\Programme\DAEMON Tools Pro\
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                  1
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                               0xE3 0x81 0xF6 0x94 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                                            
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                         0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                      0xB8 0x2D 0x1E 0x5D ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                                       
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                 0x8C 0x2A 0x15 0xC3 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002                                            
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@a0                                         0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@hdf12                                      0x2A 0x2A 0xBC 0x6C ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0                                       
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0@hdf12                                 0xF1 0x05 0xE2 0x9B ...
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)                                 
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                      C:\Programme\Alcohol Soft\Alcohol 120\
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                      0
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                   0x57 0x6E 0xA4 0x55 ...
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)                        
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                             0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                          0x45 0x59 0xDD 0x78 ...
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)                 
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                   0xED 0xF0 0xD3 0x60 ...
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                                 
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                      C:\Programme\DAEMON Tools Pro\
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                      1
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                   0xE3 0x81 0xF6 0x94 ...
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)                        
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                             0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                          0xB8 0x2D 0x1E 0x5D ...
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)                   
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                     0x8C 0x2A 0x15 0xC3 ...
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002 (not active ControlSet)                        
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@a0                                             0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002@hdf12                                          0x2A 0x2A 0xBC 0x6C ...
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0 (not active ControlSet)                   
Reg             HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000002\gdq0@hdf12                                     0xF1 0x05 0xE2 0x9B ...
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service@LogSessionName                                  stdout
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service@Active                                          1
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service@ControlFlags                                    1
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\ApiTraceGuid                                    
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\ApiTraceGuid@Guid                               485e7de9-0a80-11d8-ad15-505054503030
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\ApiTraceGuid@BitNames                            API_TRACE_IO
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\DriverProcessTraceGuid                          
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\DriverProcessTraceGuid@Guid                     485e7ded-0a80-11d8-ad15-505054503030
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\DriverProcessTraceGuid@BitNames                  DP_TRACE_API DP_TRACE_DDI DP_TRACE_GENERAL DP_TRACE_OBJECT DP_TRACE_POOL DP_TRACE_DRIVER DP_TRACE_DEVICE DP_TRACE_REQUEST DP_TRACE_FILEOBJECT DP_TRACE_IO DP_TRACE_PNP DP_TRACE_MEMORY DP_TRACE_IOTARGET DP_TRACE_FUNC DP_TRACE_STRING
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\MgrTraceGuid                                    
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\MgrTraceGuid@Guid                               485e7dea-0a80-11d8-ad15-505054503030
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\MgrTraceGuid@BitNames                            MGR_TRACE_MGR MGR_TRACE_SERVICE_KEY MGR_TRACE_DEVNODE MGR_TRACE_PROCESS
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\ProcessHelperTraceGuid                          
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\ProcessHelperTraceGuid@Guid                     485e7dec-0a80-11d8-ad15-505054503030
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\ProcessHelperTraceGuid@BitNames                  PROCHELP_TRACE_EVENT PROCHELP_TRACE_QUERY
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\RpcTraceGuid                                    
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\RpcTraceGuid@Guid                               485e7de8-0a80-11d8-ad15-505054503030
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\RpcTraceGuid@BitNames                            RPC_TRACE_AUTHENTICATION RPC_TRACE_SERVER RPC_TRACE_CLIENT RPC_TRACE_GENERAL
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\TestTraceGuid                                   
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\TestTraceGuid@Guid                              485e7deb-0a80-11d8-ad15-505054503030
Reg             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\WDF Driver Manager Service\TestTraceGuid@BitNames                           TEST_TRACE_GENERAL TEST_TRACE_APP TEST_TRACE_TSTDRIVER TEST_TRACE_FLTRDRIVER

---- EOF - GMER 1.0.15 ----
         

Alt 14.02.2011, 19:43   #5
Lastenmuli
 
Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.. - Standard

Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen..



  • OTL.txt
Code:
ATTFilter
OTL logfile created on: 14.02.2011 07:18:01 - Run 1
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Dokumente und Einstellungen\User\Desktop\MFTools
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 177,93 Gb Total Space | 150,80 Gb Free Space | 84,75% Space Free | Partition Type: NTFS
Drive D: | 287,83 Gb Total Space | 259,90 Gb Free Space | 90,29% Space Free | Partition Type: NTFS
 
Computer Name: ** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.02.13 20:12:38 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Desktop\MFTools\OTL.exe
PRC - [2011.01.13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.12.10 13:29:00 | 000,092,008 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010.10.02 21:20:00 | 004,537,280 | ---- | M] (SlySoft, Inc.) -- C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe
PRC - [2010.06.10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.01.22 13:53:32 | 002,326,920 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe
PRC - [2009.11.20 19:17:54 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009.09.12 18:09:48 | 000,357,800 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe
PRC - [2009.09.12 18:09:44 | 000,660,936 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
PRC - [2009.09.12 18:09:14 | 005,082,488 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2009.09.05 17:29:06 | 000,385,024 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2008.06.29 23:01:01 | 000,052,168 | ---- | M] (Elaborate Bytes AG) -- C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2008.06.24 15:06:06 | 001,840,424 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008.06.24 15:05:56 | 000,537,896 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe
PRC - [2008.05.17 07:21:33 | 000,072,704 | ---- | M] (Autodata Limited) -- C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.02.21 02:35:02 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2006.10.19 12:52:24 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
PRC - [2005.11.21 11:34:24 | 000,081,920 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE
PRC - [2005.08.06 02:31:16 | 000,053,248 | ---- | M] (General) -- C:\WINDOWS\system32\umonit.exe
PRC - [2004.10.14 08:11:10 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2003.01.30 17:49:20 | 000,196,608 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
PRC - [2002.09.20 13:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
PRC - [2002.04.11 23:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brsvc01a.exe
PRC - [2001.12.12 23:01:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\brss01a.exe
PRC - [2000.06.29 09:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) -- C:\WINDOWS\system32\Crypserv.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.02.13 20:12:38 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Desktop\MFTools\OTL.exe
MOD - [2011.01.13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\snxhk.dll
MOD - [2010.08.23 17:11:46 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010.02.04 19:17:27 | 000,129,984 | ---- | M] (SlySoft, Inc.) -- C:\Programme\SlySoft\AnyDVD\ADvdDiscHlp.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] --  -- (gupdate) Google Update Service (gupdate)
SRV - File not found [Disabled | Stopped] --  -- (Fun4IM Coordinator)
SRV - File not found [Auto | Stopped] --  -- (AMService)
SRV - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.12.10 13:29:00 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010.06.10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.01.22 13:53:32 | 002,326,920 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2009.09.12 18:09:44 | 000,660,936 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2008.06.24 15:05:56 | 000,537,896 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2008.05.17 07:21:33 | 000,072,704 | ---- | M] (Autodata Limited) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Autodata Limited Shared\Service\ADCDLicSvc.exe -- (Autodata Limited License Service)
SRV - [2007.12.12 17:32:20 | 001,253,568 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe -- (SandraTheSrv)
SRV - [2007.12.12 17:31:58 | 000,213,176 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe -- (SandraDataSrv)
SRV - [2007.10.25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007.02.21 02:35:02 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006.10.19 12:52:24 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005.11.21 11:34:24 | 000,081,920 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (AVM IGD CTRL Service)
SRV - [2005.11.21 10:48:06 | 000,315,392 | ---- | M] (AVM Berlin) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\AVM\De_serv.exe -- (de_serv)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2003.01.30 17:55:44 | 000,077,824 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hphipm09.exe -- (Pml Driver)
SRV - [2002.09.20 13:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))
SRV - [2002.04.11 23:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Running] -- C:\WINDOWS\system32\brsvc01a.exe -- (Brother XP spl Service)
SRV - [2000.06.29 09:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) [Auto | Running] -- C:\WINDOWS\System32\Crypserv.exe -- (Crypkey License)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.01.13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.01.13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.01.13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.01.13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.01.13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.01.13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.30 22:25:16 | 000,030,376 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2010.09.14 14:16:06 | 000,108,480 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010.01.22 13:53:34 | 000,159,168 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp)
DRV - [2010.01.22 13:53:25 | 000,902,432 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpm251.sys -- (tdrpman251) Acronis Try&Decide and Restore Points filter (build 251)
DRV - [2010.01.22 13:53:21 | 000,570,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010.01.22 13:53:10 | 000,157,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2009.11.20 19:15:18 | 000,137,728 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2009.11.20 19:15:16 | 000,058,880 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2008.07.17 01:12:47 | 000,028,672 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VClone.sys -- (VClone)
DRV - [2008.04.19 07:15:59 | 000,021,248 | ---- | M] (AVIRA GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.04.18 19:32:38 | 000,716,272 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.04.13 19:36:41 | 000,063,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mf.sys -- (mf)
DRV - [2008.03.22 17:08:08 | 000,020,520 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2008.03.22 17:08:08 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2007.04.10 20:30:16 | 000,018,304 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2007.04.10 20:09:08 | 000,321,024 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2007.02.16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006.12.20 05:00:00 | 000,041,600 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SiSGbeXP.sys -- (SiSGbeXP)
DRV - [2006.11.02 00:50:52 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006.05.18 02:49:02 | 000,061,067 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2006.05.18 02:48:50 | 000,047,249 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2005.08.06 02:31:16 | 000,006,656 | ---- | M] (Genesys Logic) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fixustor.sys -- (fixustor)
DRV - [2005.03.01 05:01:40 | 000,392,704 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004.09.14 05:55:44 | 000,088,960 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
DRV - [2003.03.14 12:36:08 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2003.01.30 17:55:44 | 000,050,800 | ---- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hphid409.sys -- (Dot4 HPH09)
DRV - [2003.01.30 17:55:44 | 000,050,211 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hphs2k09.sys -- (Dot4Storage HPH09) Storage Class Driver for IEEE-1284.4 (HPH09)
DRV - [2003.01.30 17:55:44 | 000,018,864 | ---- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hphius09.sys -- (Dot4Usb HPH09)
DRV - [2003.01.30 17:55:44 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hphipr09.sys -- (Dot4Print HPH09)
DRV - [2001.08.17 12:12:22 | 000,010,368 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbScn.sys -- (BrUsbScn) Brother MFC-Scannertreiber (USB)
DRV - [2001.08.17 12:12:20 | 000,060,416 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrSerWdm.sys -- (BrSerWDM) Brother-Treiber (seriell)
DRV - [2001.08.17 12:12:20 | 000,011,008 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbMdm.sys -- (BrUsbMdm) Brother MFC-nur-Fax-Modem (USB)
DRV - [2001.08.17 12:12:12 | 000,002,944 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrFilt.sys -- (brfilt)
DRV - [2000.02.03 20:53:12 | 000,024,608 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\ckldrv.sys -- (NetworkX)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://www.internetscout.biz/google/?q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.internetscout.info/google/iesearch.php

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://www.internetscout.biz/google/?q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.internetscout.info/google/iesearch.php
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.0.1:80
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/402"
FF - prefs.js..network.proxy.ftp: "192.168.0.1"
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.gopher: "192.168.0.1"
FF - prefs.js..network.proxy.gopher_port: 80
FF - prefs.js..network.proxy.http: "192.168.0.1"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "192.168.0.1"
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl: "192.168.0.1"
FF - prefs.js..network.proxy.ssl_port: 80
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..keyword.URL: "hxxp://www.searchqu.com/web?src=ffb&systemid=402&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{383E62E4-22D3-4C83-B1A9-56DAD04C4D78}: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\{383E62E4-22D3-4C83-B1A9-56DAD04C4D78} [2011.01.26 19:44:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.07.21 18:28:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.02.11 19:56:24 | 000,000,000 | ---D | M]
 
[2010.05.28 18:19:25 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Extensions
[2010.05.28 18:19:25 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
[2011.01.28 18:51:55 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\x2yjjxbp.default\extensions
[2010.04.04 11:07:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\x2yjjxbp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.29 18:50:10 | 000,000,000 | ---D | M] (Fun4IM for Firefox) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\x2yjjxbp.default\extensions\firefox@bandoo.com
[2010.10.28 09:41:02 | 000,005,529 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\x2yjjxbp.default\searchplugins\SearchquWebSearch.xml
[2011.01.28 18:51:46 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.01.16 02:15:29 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 02:15:29 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.16 02:15:29 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.10.28 09:41:02 | 000,005,529 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
[2010.01.16 02:15:29 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.16 02:15:29 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.01.30 18:45:44 | 000,429,314 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 192.168.178.20 HP00187161063B
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 14779 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CloneCDTray] C:\Programme\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)
O4 - HKLM..\Run: [NBKeyScan] C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NUSB3MON] C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SoundMAX] C:\Programme\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [UMonit] C:\WINDOWS\system32\umonit.exe (General)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Dokumente und Einstellungen\User\Startmenü\Programme\Autostart\ERUNT AutoBackup.lnk = C:\Programme\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1188718248281 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - Unable to read "AutoRun" value or value not present!
O32 - AutoRun File - [2007.09.01 16:48:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.07.15 20:46:53 | 000,000,702 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O33 - MountPoints2\{5a160194-de85-11df-bc20-001bb9a114ac}\Shell\AutoRun\command - "" = J:\InstallTomTomHOME.exe
O33 - MountPoints2\{68066153-50b7-11dd-824f-001167adddfa}\Shell\AutoRun\command - "" = J:\Web'n'walk_Helper.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: SSHNAS -  File not found
 
MsConfig - Services: "Fun4IM Coordinator"
MsConfig - Services: "gupdate"
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 2
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 0
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56308606093492224)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.13 20:45:38 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\User\Recent
[2011.02.13 20:43:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.02.13 20:23:32 | 000,000,000 | ---D | C] -- C:\Programme\ERUNT
[2011.02.13 20:23:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ERUNT
[2011.02.13 20:11:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Desktop\MFTools
[2011.02.12 12:09:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Registry Mechanic
[2011.02.12 12:03:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Promosoft Corporation
[2011.02.12 11:30:21 | 000,000,000 | ---D | C] -- C:\WINDOWS.0
[2011.02.12 11:29:16 | 000,000,000 | ---D | C] -- C:\Programme\Free Window Registry Repair
[2011.02.12 11:21:45 | 000,000,000 | ---D | C] -- C:\Programme\Magical Jelly Bean
[2011.02.12 11:21:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\KeyFinder
[2011.02.12 10:04:56 | 000,116,736 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2011.02.12 10:04:52 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2011.02.12 10:04:39 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2011.02.12 10:04:35 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2011.02.12 10:04:11 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2011.02.12 10:04:08 | 000,035,402 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2011.02.12 10:03:59 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2011.02.12 10:03:40 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2011.02.12 10:03:29 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2011.02.12 10:03:25 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2011.02.12 10:03:21 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2011.02.12 10:03:13 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2011.02.12 10:03:09 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2011.02.12 10:03:05 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2011.02.12 10:03:01 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2011.02.12 10:02:46 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2011.02.12 10:02:31 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2011.02.12 10:02:27 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2011.02.12 10:02:23 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2011.02.12 10:02:18 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2011.02.12 10:01:59 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2011.02.12 10:01:45 | 000,212,480 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2011.02.12 10:01:41 | 000,216,576 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2011.02.12 10:01:27 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2011.02.12 10:01:23 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2011.02.12 10:01:20 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2011.02.12 10:01:16 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2011.02.12 10:01:13 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2011.02.12 10:01:09 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2011.02.12 10:00:37 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2011.02.12 10:00:32 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2011.02.12 10:00:28 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2011.02.12 10:00:27 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2011.02.12 10:00:22 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2011.02.12 10:00:19 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2011.02.12 10:00:06 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2011.02.12 10:00:03 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2011.02.12 09:59:21 | 000,159,744 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2011.02.12 09:59:17 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2011.02.12 09:59:14 | 000,287,232 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2011.02.12 09:59:10 | 000,017,152 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2011.02.12 09:59:04 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2011.02.12 09:58:45 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2011.02.12 09:58:04 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2011.02.12 09:58:00 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2011.02.12 09:57:56 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2011.02.12 09:57:53 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2011.02.12 09:57:50 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2011.02.12 09:57:26 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2011.02.12 09:57:22 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2011.02.12 09:57:19 | 000,095,178 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2011.02.12 09:57:12 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2011.02.12 09:56:49 | 000,161,888 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2011.02.12 09:56:46 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2011.02.12 09:56:43 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2011.02.12 09:56:40 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2011.02.12 09:56:13 | 000,017,792 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2011.02.12 09:56:06 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2011.02.12 09:56:03 | 000,024,192 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2011.02.12 09:55:49 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2011.02.12 09:55:46 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2011.02.12 09:55:43 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2011.02.12 09:55:39 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2011.02.12 09:55:36 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2011.02.12 09:55:33 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2011.02.12 09:55:30 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2011.02.12 09:55:27 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2011.02.12 09:55:24 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2011.02.12 09:55:17 | 000,083,968 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2011.02.12 09:55:14 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2011.02.12 09:55:11 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2011.02.12 09:55:10 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2011.02.12 09:54:55 | 000,079,360 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2011.02.12 09:54:51 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2011.02.12 09:52:49 | 000,715,242 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2011.02.12 09:52:46 | 000,899,658 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2011.02.12 09:52:17 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2011.02.12 09:52:14 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2011.02.12 09:52:11 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2011.02.12 09:51:59 | 000,016,384 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2011.02.12 09:51:12 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2011.02.12 09:50:59 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2011.02.12 09:50:58 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2011.02.12 09:50:56 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2011.02.12 09:50:15 | 000,054,730 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2011.02.12 09:50:09 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2011.02.12 09:50:05 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2011.02.12 09:49:48 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2011.02.12 09:20:11 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2011.02.12 09:20:07 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2011.02.12 09:20:02 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2011.02.12 09:19:54 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2011.02.12 09:19:51 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2011.02.12 09:19:43 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2011.02.12 09:19:40 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2011.02.12 09:19:38 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2011.02.12 09:19:35 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2011.02.12 09:19:32 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2011.02.12 09:19:29 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2011.02.12 09:19:20 | 000,076,288 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2011.02.12 09:19:18 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2011.02.12 09:19:15 | 000,019,968 | ---- | C] (Macronix International Co., Ltd.                                               ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2011.02.12 09:19:11 | 000,020,480 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2011.02.12 09:19:08 | 000,022,144 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2011.02.12 09:18:28 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2011.02.12 09:17:54 | 000,164,970 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2011.02.11 21:39:46 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2011.02.11 21:39:43 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2011.02.11 21:39:42 | 000,422,016 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2011.02.11 21:39:39 | 000,607,196 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2011.02.11 21:39:39 | 000,577,226 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2011.02.11 21:39:36 | 000,728,298 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2011.02.11 21:39:27 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2011.02.11 21:39:25 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2011.02.11 21:39:22 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2011.02.11 21:39:19 | 000,016,256 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2011.02.11 21:39:15 | 000,026,506 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2011.02.11 21:39:12 | 000,019,016 | ---- | C] (Kingston Technology Company                                                             ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2011.02.11 21:38:16 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2011.02.11 21:37:25 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2011.02.11 21:35:40 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2011.02.11 21:35:31 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2011.02.11 21:35:04 | 000,028,672 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2011.02.11 21:35:02 | 000,082,560 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2011.02.11 21:34:59 | 000,017,792 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2011.02.11 21:34:46 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2011.02.11 21:34:34 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2011.02.11 21:34:32 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2011.02.11 21:34:27 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2011.02.11 21:34:24 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2011.02.11 21:34:21 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2011.02.11 21:34:20 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2011.02.11 21:34:02 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2011.02.11 21:33:57 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2011.02.11 21:33:56 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2011.02.11 21:32:28 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2011.02.11 21:32:23 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2011.02.11 21:32:18 | 000,029,696 | ---- | C] (CNet Technology, Inc.                                                    ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2011.02.11 21:32:16 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2011.02.11 21:32:14 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2011.02.11 21:32:09 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2011.02.11 21:32:08 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2011.02.11 21:32:06 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2011.02.11 21:32:04 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2011.02.11 21:31:43 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2011.02.11 21:31:42 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2011.02.11 21:31:33 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2011.02.11 21:31:10 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2011.02.11 21:31:09 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2011.02.11 21:31:08 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2011.02.11 21:31:07 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2011.02.11 21:31:06 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2011.02.11 21:31:04 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2011.02.11 21:31:03 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2011.02.11 21:31:01 | 000,252,928 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2011.02.11 21:30:53 | 000,216,576 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2011.02.11 21:30:39 | 000,020,864 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2011.02.11 21:30:30 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2011.02.11 21:30:22 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2011.02.11 21:30:21 | 000,022,556 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2011.02.11 21:30:21 | 000,022,556 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2011.02.11 21:30:20 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2011.02.11 21:30:19 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2011.02.11 21:30:16 | 000,715,210 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2011.02.11 21:30:11 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2011.02.11 21:30:10 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2011.02.11 21:30:10 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2011.02.11 21:30:08 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2011.02.11 21:30:07 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2011.02.11 21:29:30 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2011.02.11 21:29:28 | 000,039,808 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2011.02.11 21:29:28 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2011.02.11 21:29:25 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2011.02.11 21:29:24 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2011.02.11 21:29:16 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2011.02.11 21:29:12 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2011.02.11 21:29:12 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2011.02.11 21:29:11 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2011.02.11 21:29:10 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2011.02.11 21:29:09 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2011.02.11 21:29:08 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2011.02.11 21:29:08 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2011.02.11 21:27:06 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2011.02.11 21:26:26 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2011.02.11 20:48:50 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2011.02.11 20:48:38 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2011.02.11 20:48:37 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2011.02.11 20:48:37 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2011.02.11 20:48:36 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2011.02.11 20:48:34 | 000,061,952 | ---- | C] (Farb-Flachbett-Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2011.02.11 20:48:30 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2011.02.11 20:48:27 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2011.02.11 20:48:27 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2011.02.11 20:48:26 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2011.02.11 19:56:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Tygo
[2011.02.11 19:56:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Real
[2011.02.09 18:55:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Foymfe
[2011.01.30 09:47:03 | 016,409,960 | ---- | C] (Safer Networking Limited                                    ) -- C:\Dokumente und Einstellungen\User\Desktop\setup-spybotsd162.exe
[2011.01.29 18:50:11 | 000,000,000 | -H-D | C] -- C:\RestorPoint
[2011.01.28 18:52:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bandoo
[2011.01.28 18:51:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fun4IM
[2011.01.27 17:04:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Adobe
[2011.01.27 17:03:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia
[2011.01.27 17:03:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe
[2011.01.27 17:03:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Sun
[2011.01.26 19:55:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\JDownloader
[2011.01.26 19:54:50 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader
[2011.01.26 19:44:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\{383E62E4-22D3-4C83-B1A9-56DAD04C4D78}
[2011.01.26 18:34:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\TomTom
[2011.01.26 18:34:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Startmenü\Programme\TomTom
[2011.01.26 18:34:38 | 000,000,000 | ---D | C] -- C:\Programme\TomTom International B.V
[2011.01.24 12:20:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google
[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.02.14 06:43:00 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.02.14 00:43:00 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.02.13 20:47:22 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.02.13 20:46:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.02.13 20:45:35 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2011.02.13 20:45:35 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2011.02.13 20:45:23 | 000,000,020 | ---- | M] () -- C:\Dokumente und Einstellungen\User\defogger_reenable
[2011.02.13 20:40:05 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2011.02.13 20:40:05 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2011.02.13 20:23:41 | 000,000,793 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Startmenü\Programme\Autostart\ERUNT AutoBackup.lnk
[2011.02.13 20:23:32 | 000,000,637 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\NTREGOPT.lnk
[2011.02.13 20:23:32 | 000,000,618 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\ERUNT.lnk
[2011.02.13 20:18:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2011.02.13 20:18:19 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
[2011.02.13 20:13:35 | 000,296,448 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\g2m3e4r.exe
[2011.02.13 20:13:26 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\defogger.exe
[2011.02.13 20:11:03 | 000,000,286 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\Load.exe by Larusso - Trojaner-Board.url
[2011.02.13 20:10:25 | 000,472,080 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\Load.exe
[2011.02.12 13:31:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2011.02.12 13:31:33 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2011.02.12 13:07:11 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2011.02.12 13:02:18 | 000,000,194 | -HS- | M] () -- C:\boot.ini
[2011.02.12 12:57:27 | 002,758,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.02.12 12:55:42 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2011.02.12 12:55:42 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2011.02.12 12:54:34 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.02.12 12:37:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2011.02.12 12:37:56 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2011.02.12 12:26:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2011.02.12 12:26:49 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm
[2011.02.12 12:19:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2011.02.12 12:19:56 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2011.02.12 11:45:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2011.02.12 11:45:10 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
[2011.02.12 11:29:08 | 000,798,000 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\RegpairSetup_2.0.exe
[2011.02.12 10:53:51 | 000,000,324 | -HS- | M] () -- C:\boot.ini.old
[2011.02.12 10:27:08 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2011.02.12 10:27:08 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2011.02.12 06:49:41 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.02.11 19:46:26 | 000,002,544 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2011.02.11 19:46:26 | 000,001,890 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2011.02.11 19:33:12 | 000,002,136 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\Windows-Kompatibilitätsbericht.htm
[2011.02.09 19:29:41 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2011.02.09 19:29:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2011.02.09 19:22:42 | 000,000,500 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\eBay Verkäufer Kisiru.url
[2011.02.09 19:12:28 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\Microsoft Office Word 2003.lnk
[2011.02.09 18:43:15 | 000,001,755 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk
[2011.02.07 19:04:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2011.02.07 19:04:14 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm
[2011.02.05 09:16:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2011.02.05 09:16:00 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm
[2011.02.04 18:58:20 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2011.02.04 18:58:20 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm
[2011.01.30 19:06:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2011.01.30 19:06:49 | 000,000,232 | -H-- | M] () -- C:\sqmdata16.sqm
[2011.01.30 18:45:44 | 000,429,314 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.01.30 16:36:47 | 000,000,083 | -HS- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2011.01.30 15:24:01 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2011.01.30 15:24:01 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm
[2011.01.30 13:13:10 | 000,429,314 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110130-184544.backup
[2011.01.30 10:13:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2011.01.30 10:13:50 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm
[2011.01.30 10:13:42 | 000,000,951 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\Spybot - Search & Destroy.lnk
[2011.01.30 09:53:08 | 016,409,960 | ---- | M] (Safer Networking Limited                                    ) -- C:\Dokumente und Einstellungen\User\Desktop\setup-spybotsd162.exe
[2011.01.29 20:24:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2011.01.29 20:24:25 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm
[2011.01.28 22:28:03 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2011.01.28 22:28:03 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm
[2011.01.27 16:55:43 | 000,016,072 | ---- | M] () -- C:\WINDOWS\iragabob.dll
[2011.01.27 16:55:33 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Bqosaneyafi.bin
[2011.01.27 16:55:01 | 000,016,114 | ---- | M] () -- C:\WINDOWS\owelolel.dll
[2011.01.26 19:44:59 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Kbonakihe.dat
[2011.01.21 16:22:24 | 000,003,002 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.01.16 09:37:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2011.01.16 09:37:19 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.02.13 20:45:14 | 000,000,020 | ---- | C] () -- C:\Dokumente und Einstellungen\User\defogger_reenable
[2011.02.13 20:23:41 | 000,000,793 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Startmenü\Programme\Autostart\ERUNT AutoBackup.lnk
[2011.02.13 20:23:32 | 000,000,637 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\NTREGOPT.lnk
[2011.02.13 20:23:32 | 000,000,618 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\ERUNT.lnk
[2011.02.13 20:13:29 | 000,296,448 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\g2m3e4r.exe
[2011.02.13 20:13:23 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\defogger.exe
[2011.02.13 20:11:03 | 000,000,286 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\Load.exe by Larusso - Trojaner-Board.url
[2011.02.13 20:10:15 | 000,472,080 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\Load.exe
[2011.02.12 13:07:11 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011.02.12 12:52:57 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011.02.12 11:40:24 | 000,000,324 | -HS- | C] () -- C:\boot.ini.old
[2011.02.12 11:28:58 | 000,798,000 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\RegpairSetup_2.0.exe
[2011.02.12 10:04:51 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2011.02.12 10:04:48 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2011.02.12 09:54:47 | 000,086,097 | ---- | C] () -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2011.02.12 09:52:06 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2011.02.12 09:52:02 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2011.02.12 09:50:12 | 000,044,105 | ---- | C] () -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2011.02.12 09:18:35 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2011.02.11 21:35:38 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2011.02.11 21:35:33 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2011.02.11 21:35:29 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2011.02.11 21:35:24 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2011.02.11 21:35:19 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2011.02.11 21:32:13 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2011.02.11 21:32:12 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2011.02.11 21:32:11 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2011.02.11 21:32:07 | 000,031,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2011.02.11 21:28:28 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2011.02.11 21:28:27 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2011.02.11 21:28:26 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2011.02.11 21:28:26 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2011.02.11 21:28:25 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2011.02.11 21:28:25 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2011.02.11 21:28:24 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2011.02.11 21:28:23 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2011.02.11 21:28:21 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2011.02.11 21:28:16 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2011.02.11 19:33:13 | 000,002,136 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\Windows-Kompatibilitätsbericht.htm
[2011.01.30 10:13:42 | 000,000,951 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\Spybot - Search & Destroy.lnk
[2011.01.27 16:55:39 | 000,016,072 | ---- | C] () -- C:\WINDOWS\iragabob.dll
[2011.01.27 16:54:58 | 000,016,114 | ---- | C] () -- C:\WINDOWS\owelolel.dll
[2011.01.26 19:54:30 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.01.26 19:44:59 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Kbonakihe.dat
[2011.01.26 19:44:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Bqosaneyafi.bin
[2010.10.29 15:17:41 | 000,000,116 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\default.pls
[2010.10.23 19:27:32 | 000,000,010 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\install
[2010.10.23 19:23:58 | 000,000,191 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\33498.bat
[2010.10.23 19:23:38 | 000,000,191 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\26695.bat
[2010.10.23 19:19:20 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\googleupdate.log
[2010.10.23 19:19:12 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\googleupdate.log
[2010.10.23 19:16:46 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\googleupdate.log
[2010.10.10 18:49:15 | 000,000,083 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2010.08.20 17:38:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.07.04 12:48:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010.01.08 14:11:41 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\EloOpenOffice.dll
[2010.01.08 14:11:41 | 000,158,760 | ---- | C] () -- C:\WINDOWS\System32\ELOComRes.dll
[2010.01.08 14:09:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\FULINST.INI
[2009.06.28 20:17:17 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Winchat.ini
[2009.01.07 19:01:44 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll
[2008.09.09 19:46:32 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.07.25 12:07:48 | 000,000,703 | ---- | C] () -- C:\WINDOWS\System32\iconcfg.ini
[2008.06.18 19:26:16 | 000,078,336 | ---- | C] () -- C:\WINDOWS\System32\dbjavio6.dll
[2008.06.18 19:26:14 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\dbauth6.dll
[2008.06.18 19:26:08 | 000,000,052 | ---- | C] () -- C:\WINDOWS\Crypkey.ini
[2008.06.18 19:26:05 | 000,024,608 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys
[2008.06.18 19:26:05 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll
[2008.06.08 08:36:12 | 002,156,960 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\NMM-MetaData.db
[2008.04.20 09:48:38 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008.04.18 18:18:57 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\dbodtr6.dll
[2008.04.18 18:18:56 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\dbextf50.dll
[2008.01.01 09:57:16 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2008.01.01 09:57:16 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007.11.16 14:04:23 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2007.11.16 13:31:56 | 000,000,148 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2007.11.16 13:31:55 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2007.11.16 13:31:19 | 000,000,657 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2007.11.10 13:46:11 | 000,002,454 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\GdiplusUpgrade_MSIApproach_Wrapper.log
[2007.11.10 13:46:11 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2007.11.10 13:40:46 | 000,005,931 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpzinstall.log
[2007.10.02 18:10:23 | 000,000,133 | R--- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2007.09.19 04:55:55 | 000,144,384 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.09.09 18:48:47 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2007.09.09 18:48:26 | 000,002,646 | ---- | C] () -- C:\WINDOWS\BRMFBIDI.INI
[2007.09.09 18:47:50 | 000,000,416 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2007.09.09 18:47:50 | 000,000,079 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007.09.09 18:47:50 | 000,000,039 | ---- | C] () -- C:\WINDOWS\Brpcfx.ini
[2007.09.09 18:46:11 | 000,025,939 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2007.09.09 18:34:17 | 000,000,054 | ---- | C] () -- C:\WINDOWS\miniFaktura.ini
[2007.09.09 18:28:23 | 000,002,508 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\$_hpcst$.hpc
[2007.09.09 18:10:49 | 000,000,039 | ---- | C] () -- C:\WINDOWS\orgaMAX.ini
[2007.09.09 18:03:19 | 000,015,873 | ---- | C] () -- C:\WINDOWS\System32\Inetde.dll
[2007.09.07 19:44:46 | 000,000,309 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2007.09.07 19:21:08 | 000,000,485 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2007.09.07 18:37:57 | 000,000,852 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.09.07 18:33:13 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2007.09.02 08:58:23 | 000,092,426 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2007.09.02 08:57:38 | 000,078,549 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2007.09.02 08:54:27 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007.09.01 17:41:21 | 000,004,525 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.03.29 22:00:40 | 000,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2006.06.06 22:45:15 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\esam.dll
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.08.08 08:20:40 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\Welsof32.dll
[2002.01.08 15:57:34 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
 
========== LOP Check ==========
 
[2008.10.05 16:27:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ACD Systems
[2008.10.11 22:50:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis
[2010.03.15 14:05:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software
[2008.02.10 09:51:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Autodesk
[2011.01.29 18:50:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bandoo
[2010.01.01 09:46:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bluetooth
[2010.02.23 18:49:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Elaborate Bytes
[2010.01.08 17:15:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FreePDF
[2011.01.28 18:51:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fun4IM
[2008.05.24 18:41:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2008.05.24 18:38:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2008.05.24 18:44:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2010.01.08 18:20:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PFU
[2007.09.24 20:02:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Simple Star Shared
[2010.02.23 18:48:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SlySoft
[2011.02.13 20:44:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.07.12 19:18:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\tmp
[2010.07.21 18:29:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.11.14 13:27:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\0C1992492B11925F576462A18B044D41
[2008.10.05 16:28:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\ACD Systems
[2008.10.11 22:52:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Acronis
[2008.01.22 19:00:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Autodesk
[2008.04.20 09:50:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\DAEMON Tools Pro
[2010.08.20 17:23:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Dekart
[2008.08.28 16:40:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Elaborate Bytes
[2010.01.08 16:42:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Elo
[2011.02.09 19:26:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Foymfe
[2008.01.04 21:02:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\FRITZ!
[2009.03.27 19:34:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mobile Master
[2008.05.24 18:42:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Nokia
[2008.06.08 08:39:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Nokia Multimedia Player
[2008.05.11 11:31:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Opera
[2010.01.05 18:33:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\PaperArchiver
[2008.06.07 18:52:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\PC Suite
[2010.01.08 18:20:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\PFU
[2011.02.12 12:09:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Registry Mechanic
[2010.07.21 18:40:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\SharePod
[2007.09.24 20:02:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Simple Star
[2008.06.08 08:49:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\SlySoft
[2008.05.30 13:38:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Steinberg
[2009.09.07 18:56:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Subversion
[2008.10.03 12:12:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Supreme Auction
[2010.05.28 18:19:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\TomTom
[2011.02.12 10:08:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Tygo
[2010.12.30 13:01:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\WEB.DE
[2011.01.30 01:29:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Zeopyn
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2010.07.02 17:56:03 | 000,000,000 | RHSD | M] -- C:\acroldr
[2010.05.01 12:04:13 | 000,000,000 | ---D | M] -- C:\CloneDVDTemp
[2011.02.12 12:55:16 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2010.10.23 19:27:15 | 000,000,000 | ---D | M] -- C:\DBControl
[2011.02.12 11:40:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings
[2011.02.12 10:48:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2010.05.22 08:51:53 | 000,000,000 | -HSD | M] -- C:\found.000
[2010.03.17 19:26:56 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.05.27 19:06:05 | 000,000,000 | ---D | M] -- C:\Program Files
[2011.02.13 20:44:22 | 000,000,000 | ---D | M] -- C:\Programme
[2010.10.23 19:40:35 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2011.01.29 20:24:15 | 000,000,000 | -H-D | M] -- C:\RestorPoint
[2010.10.23 19:33:35 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.02.11 19:21:39 | 000,000,000 | ---D | M] -- C:\TEMP
[2007.09.07 19:21:27 | 000,000,000 | ---D | M] -- C:\wincmd
[2011.02.13 20:43:25 | 000,000,000 | ---D | M] -- C:\WINDOWS
[2011.02.12 10:47:27 | 000,000,000 | ---D | M] -- C:\WINDOWS.0
 
< %PROGRAMFILES%\*.exe >
 
Invalid Environment Variable: LOCALAPPDATA
 
< %systemroot%\*. /mp /s >
 
 
< MD5 for: EXPLORER.EXE  >
[2004.08.04 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:10:08 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=331ED93570BAF3CFE30340298762CD56 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2008.04.14 06:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS.0\explorer.exe
[2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\system32\dllcache\explorer.exe
[2007.06.13 14:21:45 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=64D320C0E301EEDC5A4ADBBDC5024F7F -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 06:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS.0\system32\userinit.exe
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004.08.04 13:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 06:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS.0\system32\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-02-12 12:07:12
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 136 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:B63300D1
@Alternate Data Stream - 124 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:C8B8CEBD
@Alternate Data Stream - 104 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D1B5B4F1

< End of report >
         
  • Extras.txt

Code:
ATTFilter
OTL Extras logfile created on: 14.02.2011 07:18:01 - Run 1
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Dokumente und Einstellungen\User\Desktop\MFTools
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 69,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 177,93 Gb Total Space | 150,80 Gb Free Space | 84,75% Space Free | Partition Type: NTFS
Drive D: | 287,83 Gb Total Space | 259,90 Gb Free Space | 90,29% Space Free | Partition Type: NTFS
 
Computer Name: PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 2.5.Browse] -- "C:\Programme\ACD Systems\ACDSee Pro\2.5\ACDSeeQVPro25.exe" "%1" (ACD Systems)
Directory [CEWE FOTOSCHAU] -- "C:\Programme\dm\dm Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [dm Fotowelt] -- "C:\Programme\dm\dm Fotowelt\dm Fotowelt.exe" "%1" ()
Directory [dm-Fotowelt] -- "C:\Programme\dm\dm Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Müller Fotowelt.exe] -- "C:\Programme\Müller Fotowelt\Müller Fotowelt\Müller Fotowelt.exe" "%1" ()
Directory [OnlineFotoservice] -- "C:\Programme\OnlineFotoservice\OnlineFotoservice\OnlineFotoservice.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\wincmd\WINCMD32.EXE" = C:\wincmd\WINCMD32.EXE:*:Enabled:Windows Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"E:\fsetup.exe" = E:\fsetup.exe:*:Enabled:AVM FSetup Application
"C:\Programme\FRITZ!DSL\IGDCTRL.EXE" = C:\Programme\FRITZ!DSL\IGDCTRL.EXE:*:Enabled:FRITZ!DSL - igdctrl.exe -- (AVM Berlin)
"C:\TEMP\HP_WebRelease\Setup\HPZnet01.exe" = C:\TEMP\HP_WebRelease\Setup\HPZnet01.exe:*:Enabled:Install Consumer Experience Network Plug in -- (Hewlett-Packard)
"C:\Programme\FRITZ!DSL\FBOXUPD.EXE" = C:\Programme\FRITZ!DSL\FBOXUPD.EXE:*:Enabled:AVM FRITZ!Box Firmware-Update -- (AVM Berlin)
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:HP AiO Fax Manager -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpofxs08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:HP OfficeJet Settings Interface -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:HP Fax Setup Wizard -- (Hewlett-Packard Co.)
"C:\Programme\HP\Digital Imaging\bin\hpospd08.exe" = C:\Programme\HP\Digital Imaging\bin\hpospd08.exe:*:Enabled:HP OfficeJet Speed Dial Interface -- (Hewlett-Packard Co.)
"C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Database Agent Service -- (SiSoftware)
"C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware)
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process  -- (Nokia Corporation)
"C:\Programme\Nero\Nero8\Nero ShowTime\ShowTime.exe" = C:\Programme\Nero\Nero8\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime -- (Nero AG)
"C:\Programme\Java\jre1.6.0_05\launch4j-tmp\JDownloader.exe" = C:\Programme\Java\jre1.6.0_05\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre1.6.0_05\bin\javaw.exe" = C:\Programme\Java\jre1.6.0_05\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre1.6.0_05\bin\java.exe" = C:\Programme\Java\jre1.6.0_05\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Windows Explorer -- (Microsoft Corporation)
"C:\Programme\Nsasoft\ProductKeyExplorer\ProductKeyExplorer.exe" = C:\Programme\Nsasoft\ProductKeyExplorer\ProductKeyExplorer.exe:*:Enabled:Product Key Explorer
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{24C606DF-E557-4D18-B45A-F256B1606635}" = VC80
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{2B091530-69AA-442E-AB09-39ED06B58220}" = Windows Live Messenger
"{2D95950E-6D76-43E7-94A5-D9DBA2FD29E4}" = ACDSee Pro 2.5
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{340695E9-AABC-4BCE-98CC-DFDC20649242}" = Enterprise
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{358A2F50-8885-4EDE-BBB0-130A5834E0B4}" = Visual FoxPro 9.0 Baseline - English
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{503D6E3E-1A48-44F5-BB7C-EB3B593FAED0}" = Opera 9.27
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5D19E730-D3C6-47F4-AE4B-DCB26EC2D905}" = Nokia Software Updater
"{5D6EC6F7-9B38-4a02-B063-97C2048B56A2}" = 7200_Help
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}" = Windows Live installer
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{83E58D0D-7FF8-448D-9151-C3EE1BDE8380}" = Falk Navi-Manager
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{8EA67542-82B6-4c5c-8AD3-CD36232C1362}" = HP PSC & Officejet 4.7 Corporate Edition
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{924A365C-6727-42B9-91AC-C8C2CAC0B835}" = Falk Navi-Manager
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BAAE963-E16D-4E17-AFE6-1965F5AA0292}" = Visual FoxPro 9.0 Professional - English
"{9C05FA75-0337-4523-AA57-9D3511018887}" = Nokia PC Suite
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A7391302-FADF-4314-80DC-C757DAE45178}" = 7200
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.2 - Deutsch
"{AC966B90-53CA-4710-8EEE-57ED25387872}" = 7200Trb
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BCB4C18A-ACA6-4383-8688-E19933A705DD}" = Microsoft SOAP Toolkit 3.0
"{BD29EBAC-AD7D-4b27-B727-4CC6AC52D36B}" = MarketResearch
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1E11C46-E6EB-4BD2-9ADF-2A98ACBEB216}" = iTunes
"{C2F1F96A-057E-5819-B52E-FEA1D1D2933B}" = Acronis True Image Home
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2096}_is1" = SiSoftware Sandra Lite XII.SP1
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6C9AF27-9414-46C8-B9D8-D878BA041031}" = Nero 8 Ultra Edition HD
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DC226AC9-0314-496C-BE6A-B6A132628466}" = SiSAGP driver
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe  1.4.124.1
"{E782A239-BB9C-419A-A515-368BBEF789C5}" = StarMoney
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"9397EA7527D5597E900F76DDCF42A1DEDCBDC288" = Windows Driver Package - Dekart (DEKART38) SmartCardReader  (11/21/2007 1.0.5.9)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Anti-Twin 2010-12-05 19.05.47" = Anti-Twin (Installation 05.12.2010)
"avast5" = avast! Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"Biet-O-Matic v2.4.0" = Biet-O-Matic v2.4.0
"CCleaner" = CCleaner
"dm Fotowelt" = dm Fotowelt
"dm-Fotowelt" = dm-Fotowelt
"ERUNT_is1" = ERUNT 1.1j
"FreePDF_XP" = FreePDF (Remove only)
"FRITZ!DSL" = AVM FRITZ!DSL
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"HP Photo & Imaging" = HP Image Zone 4.7
"HPExtendedCapabilities" = HP Extended Capabilities 4.7
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"KeyFinder_is1" = Magical Jelly Bean KeyFinder
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"miniFaktura_is1" = miniFaktura 5.0
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Müller Fotowelt" = Müller Fotowelt
"Nero PhotoShow Express 5" = Nero PhotoShow Express 5
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"OnlineFotoservice" = OnlineFotoservice
"orgaMAX_is1" = orgaMAX 6.0
"RealAlt_is1" = Real Alternative 1.7.5
"SiS VGA Driver" = SiS VGA Utilities
"TomTom HOME" = TomTom HOME 2.8.0.2146
"UltraISO_is1" = UltraISO V7.25 ME
"Visual FoxPro 9.0 Professional - English" = Microsoft Visual FoxPro 9.0 Professional - English
"VLC media player" = VideoLAN VLC media player 0.8.6c
"VSO DivxToDVD_is1" = DivxToDVD 0.5.2
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wincmd" = Windows Commander (Remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinISO_is1" = WinISO 5.3
"WinRAR archiver" = WinRAR
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"xp-AntiSpy" = xp-AntiSpy 3.96-2
 
========== Last 10 Event Log Errors ==========
 
[ Antivirus Events ]
Error - 05.02.2009 16:05:12 | Computer Name = PC | Source = avast! | ID = 33554522
Description = 
 
Error - 29.07.2009 09:37:05 | Computer Name = PC | Source = avast! | ID = 33554522
Description = 
 
Error - 29.07.2009 10:37:05 | Computer Name = PC | Source = avast! | ID = 33554522
Description = 
 
Error - 12.08.2009 02:13:00 | Computer Name = PC | Source = avast! | ID = 33554522
Description = 
 
Error - 12.08.2009 02:23:01 | Computer Name = PC | Source = avast! | ID = 33554522
Description = 
 
Error - 12.08.2009 03:03:01 | Computer Name = PC | Source = avast! | ID = 33554522
Description = 
 
Error - 12.08.2009 03:13:01 | Computer Name = PC | Source = avast! | ID = 33554522
Description = 
 
Error - 12.08.2009 13:07:28 | Computer Name = PC | Source = avast! | ID = 33554522
Description = 
 
Error - 07.10.2009 07:22:14 | Computer Name = PC | Source = avast! | ID = 33554522
Description = 
 
Error - 21.11.2009 08:00:46 | Computer Name = PC | Source = avast! | ID = 33554522
Description = 
 
[ Application Events ]
Error - 11.02.2011 14:39:43 | Computer Name = PC | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
 ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
 
Error - 11.02.2011 18:50:35 | Computer Name = PC | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich 
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 11.02.2011 18:50:35 | Computer Name = PC | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich 
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 11.02.2011 18:50:35 | Computer Name = PC | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
 ist fehlgeschlagen mit dem Fehler: The connection with the server was terminated
 abnormally  .
 
Error - 11.02.2011 18:50:35 | Computer Name = PC | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich 
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 11.02.2011 18:50:35 | Computer Name = PC | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
 ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.
.
 
Error - 11.02.2011 20:19:34 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung , Version 0.0.0.0, fehlgeschlagenes Modul
 unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
 
Error - 12.02.2011 05:19:33 | Computer Name = PC | Source = Application Error | ID = 1004
Description = Fehlgeschlagene Anwendung svchost.exe, Version 0.0.0.0, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
 
Error - 12.02.2011 05:21:41 | Computer Name = PC | Source = Application Error | ID = 1001
Description = Fehlerhafter Speicherbereich 00536409.
 
Error - 13.02.2011 15:49:36 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung teatimer.exe, Version 1.6.6.32, fehlgeschlagenes
 Modul teatimer.exe, Version 1.6.6.32, Fehleradresse 0x0006e66e.
 
[ System Events ]
Error - 13.02.2011 15:16:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Nero BackItUp Scheduler 3" wurde unerwartet beendet. Dies 
ist bereits 1 Mal passiert.
 
Error - 13.02.2011 15:16:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "PLFlash DeviceIoControl Service" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 13.02.2011 15:16:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Autodata Limited License Service" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 13.02.2011 15:16:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Pml Driver HPZ12" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 13.02.2011 15:16:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Crypkey License" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 13.02.2011 15:16:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "AVM IGD CTRL Service" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 13.02.2011 15:16:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "SoundMAX Agent Service" wurde unerwartet beendet. Dies ist
 bereits 1 Mal passiert.
 
Error - 13.02.2011 15:16:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "TomTomHOMEService" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 13.02.2011 15:16:56 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "NMIndexingService" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 13.02.2011 15:16:56 | Computer Name = PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Acronis Nonstop Backup service" wurde unerwartet beendet. 
Dies ist bereits 1 Mal passiert.
 
 
< End of report >
         


Alt 22.02.2011, 09:07   #6
Lastenmuli
 
Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.. - Standard

Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen..



Kann mir hierzu keiner helfen?
Oder soll ich die Logdatei von HijackThis einstellen, was aber ja nicht mehr gemacht werden sollte laut Larusso..

Wäre echt dankbar!

Alt 22.02.2011, 13:39   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.. - Standard

Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen..



Zitat:
Art des Suchlaufs: Quick-Scan
Hallo und

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 22.02.2011, 14:35   #8
Lastenmuli
 
Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.. - Standard

Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen..



Hallo und danke für die Info.
Hab es aber genau so gemacht, wie Larusso es in seiner Anleitung hier im Bereich
"Hijacker / HiJackThis Logs posten" verlangt hat.
Man solle ja nicht mehr die HiJackthis-Log`s posten sondern diese einzelnen Programme nehmen..

Wollte jetzt nur wissen, ob ihr an den Log`s sehen könnt, ob da noch was versteckt in meinem System schlummert..

Sorry, kenne mich da nicht ganz so gut aus damit..

Danke auf jeden Fall für jegliche Info..

Alt 22.02.2011, 15:34   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.. - Standard

Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen..



Und ich hab dich gebeten einen Vollscan zu machen! Also mach es bitte und auch das andere was ich gepostet habe!!
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen..
administrator, anti-malware, autostart, avast, booten, dateien, desktop, einstellungen, explorer.exe, image, logfiles, malware, malwarebytes, microsoft, programme, required, software, spybot, startet, system, system32, taskmanager, trojan.agent, trojan.fakealert, trojaner, wallpaper



Ähnliche Themen: Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen..


  1. Meine Logfiles (Bluescreen beim Booten, auch im abgesicherten Modus)
    Log-Analyse und Auswertung - 03.09.2014 (9)
  2. Windows 7 Internet Explorer startet nicht mehr.
    Log-Analyse und Auswertung - 30.04.2014 (56)
  3. Windows 7 startet nicht mehr, schwarzer Bildschirm beim Booten mit weißem Mauszeiger
    Log-Analyse und Auswertung - 19.03.2013 (0)
  4. Explorer.exe startet bei Anmeldung nicht mehr automatisch
    Plagegeister aller Art und deren Bekämpfung - 19.10.2010 (27)
  5. Internet Explorer startet nicht mehr
    Log-Analyse und Auswertung - 16.02.2010 (11)
  6. explorer.exe startet nicht mehr, Windows-Firewall lässt sich nicht aktivieren
    Log-Analyse und Auswertung - 12.02.2010 (7)
  7. Windows Explorer startet nicht mehr
    Log-Analyse und Auswertung - 15.11.2009 (4)
  8. Explorer.exe startet nicht mehr automatisch
    Plagegeister aller Art und deren Bekämpfung - 16.03.2009 (0)
  9. Explorer startet nicht beim Start von Vista Ultimate.
    Mülltonne - 05.10.2008 (0)
  10. Keine Adminrechte mehr und Antivir startet nicht --> Win XP Prof
    Log-Analyse und Auswertung - 18.09.2008 (1)
  11. Windows-Explorer startet nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 29.01.2008 (6)
  12. Explorer.exe startet nicht mehr
    Alles rund um Windows - 01.05.2007 (13)
  13. explorer startet nicht mehr automatisch
    Plagegeister aller Art und deren Bekämpfung - 30.04.2007 (5)
  14. explorer.exe startet nicht mehr
    Alles rund um Windows - 13.12.2006 (2)
  15. explorer.exe startet nicht mehr
    Log-Analyse und Auswertung - 13.07.2006 (2)
  16. Internet Explorer 6 SP1 - startet nicht mehr !!!
    Alles rund um Windows - 28.06.2006 (1)
  17. Internet Explorer startet nicht mehr automatisch
    Plagegeister aller Art und deren Bekämpfung - 17.02.2004 (9)

Zum Thema Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.. - Hallo an alle, mein PC startete zwar, aber es kam nach dem booten nur der Wallpaper im Hintergrund. Der Desktop selbst blieb leer. Unter`m Taskmanager sah ich, dass der Explorer.exe - Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.....
Archiv
Du betrachtest: Explorer.exe startet nicht mehr beim Booten, XP Prof. Logfiles ansehen.. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.